CVE-2025-39722Improper Validation of Consistency within Input in Linux

CWE-1288Improper Validation of Consistency within Input5 documents5 sources
Severity
5.5MEDIUMNVD
EPSS
0.0%
top 97.72%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedSep 5

Description

In the Linux kernel, the following vulnerability has been resolved: crypto: caam - Prevent crash on suspend with iMX8QM / iMX8ULP Since the CAAM on these SoCs is managed by another ARM core, called the SECO (Security Controller) on iMX8QM and Secure Enclave on iMX8ULP, which also reserves access to register page 0 suspend operations cannot touch this page. This is similar to when running OPTEE, where OPTEE will reserve page 0. Track this situation using a new state variable no_page0, reflect

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages4 packages

NVDlinux/linux_kernel6.106.12.44+1
Debianlinux/linux_kernel< 6.12.48-1+1
CVEListV5linux/linuxd2835701d93cae6d597672ef9dc3fa889867031af9534674ce53f133c91c272f091f0242932574ae+3
debiandebian/linux< linux 6.16.5-1 (forky)

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

2
GHSA
GHSA-r7qm-g588-qvq3: In the Linux kernel, the following vulnerability has been resolved: crypto: caam - Prevent crash on suspend with iMX8QM / iMX8ULP Since the CAAM on2025-09-05
OSV
CVE-2025-39722: In the Linux kernel, the following vulnerability has been resolved: crypto: caam - Prevent crash on suspend with iMX8QM / iMX8ULP Since the CAAM on th2025-09-05

📋Vendor Advisories

2
Red Hat
kernel: crypto: caam - Prevent crash on suspend with iMX8QM / iMX8ULP2025-09-05
Debian
CVE-2025-39722: linux - In the Linux kernel, the following vulnerability has been resolved: crypto: caa...2025
CVE-2025-39722 — Linux vulnerability | cvebase