CVE-2025-39727 — Classic Buffer Overflow in Linux
Severity
7.8HIGHNVD
OSV3.2
EPSS
0.0%
top 95.24%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedSep 7
Latest updateDec 15
Description
In the Linux kernel, the following vulnerability has been resolved:
mm: swap: fix potential buffer overflow in setup_clusters()
In setup_swap_map(), we only ensure badpages are in range (0, last_page].
As maxpages might be = maxpages.
Only call inc_cluster_info_page() for badpage which is < maxpages to fix
the issue.
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9
Affected Packages4 packages
▶CVEListV5linux/linuxb843786b0bd01ced7fcdbf3b033d68db2f7c61b2 — 91b370800b3f2b3dda244c0ab06719c4971190a5+4
Patches
🔴Vulnerability Details
8OSV▶
linux, linux-aws, linux-gcp, linux-hwe-6.14, linux-oracle, linux-realtime vulnerabilities↗2025-11-21
📋Vendor Advisories
7💬Community
1Bugzilla
▶