PT-2025-37973 · Linux+4 · Linux Kernel+4

Syzbot · Published 2025-01-01 · Updated 2026-05-07 · CVE-2025-39828

CVSS v3.1: 7.8 High

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel (affected versions not specified)

Description

The Linux kernel contains a vulnerability in the atmtcp subsystem that could allow for arbitrary write access. Specifically, the issue resides within the atmtcp_recv_control() function and is triggered when processing messages from sendmsg(). The vulnerability occurs because sendmsg() does not validate the message length, potentially allowing a user to overwrite kernel memory via atmtcp control.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Weakness Enumeration

Insufficient Verification of Data Authenticity
Memory Corruption

Related Identifiers

AZL-67392
BDU:2025-15289
CVE-2025-39828
DLA-4327-1
DLA-4328-1
DSA-6008-1
DSA-6009-1
ECHO-921E-CBCD-DABB
OESA-2026-1303
OESA-2026-1304
OESA-2026-1305
OESA-2026-1341
OPENSUSE-SU-2025:20081-1
SUSE-SU-2025:03634-1
SUSE-SU-2025:21040-1
SUSE-SU-2025:21052-1
SUSE-SU-2025:21056-1
SUSE-SU-2025:21064-1
SUSE-SU-2025:21074-1
SUSE-SU-2025:21139-1
SUSE-SU-2025:21179-1
SUSE-SU-2025:4057-1
SUSE-SU-2025:4132-1
SUSE-SU-2025:4140-1
SUSE-SU-2025:4141-1
SUSE-SU-2025:4301-1
USN-7909-1
USN-7909-2
USN-7909-3
USN-7909-4
USN-7909-5
USN-7910-1
USN-7910-2
USN-7933-1
USN-7938-1
USN-8095-1
USN-8095-2
USN-8095-3
USN-8095-4
USN-8095-5
USN-8100-1
USN-8125-1
USN-8126-1
USN-8165-1
USN-8261-1

Affected Products

Debian
Linuxmint
Linux Kernel
Suse
Ubuntu