CVE-2025-39935

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A memory corruption issue exists in the sma1307 setting loaded() function within the ASoC codec for the sma1307 device. The issue stems from an incorrect memory allocation size for the sma1307->set.header, leading to potential data corruption when copying data using the memcpy() function. Specifically, the allocation size is based on bytes instead of the required number of integers. The function sma1307 setting loaded() is involved in the process.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Buffer Overflow

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119CWE-787

Related Identifiers

BDU:2026-04407

CVE-2025-39935

Affected Products

Linux Kernel

Sma1307 Codec

CVE-2025-39935

Weakness Enumeration

Related Identifiers

Affected Products

References · 17