CVE-2025-39883 — Out-of-bounds Read in Linux
Severity
7.1HIGHNVD
EPSS
0.0%
top 95.80%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedSep 23
Latest updateApr 13
Description
In the Linux kernel, the following vulnerability has been resolved:
mm/memory-failure: fix VM_BUG_ON_PAGE(PagePoisoned(page)) when unpoison memory
When I did memory failure tests, below panic occurs:
page dumped because: VM_BUG_ON_PAGE(PagePoisoned(page))
kernel BUG at include/linux/page-flags.h:616!
Oops: invalid opcode: 0000 [#1] PREEMPT SMP NOPTI
CPU: 3 PID: 720 Comm: bash Not tainted 6.10.0-rc1-00195-g148743902568 #40
RIP: 0010:unpoison_memory+0x2f3/0x590
RSP: 0018:ffffa57fc8787d60 EFLAGS…
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:HExploitability: 1.8 | Impact: 5.2
Affected Packages3 packages
▶CVEListV5linux/linuxf1dd2cd13c4bbbc9a7c4617b3b034fa643de98fe — 8e01ea186a52c90694c08a9ff57bea1b0e78256a+8
Also affects: Debian Linux 11.0
Patches
🔴Vulnerability Details
3OSV▶
CVE-2025-39883: In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: fix VM_BUG_ON_PAGE(PagePoisoned(page)) when unpoison memory Whe↗2025-09-23
GHSA▶
GHSA-r5ff-446r-jr83: In the Linux kernel, the following vulnerability has been resolved:
mm/memory-failure: fix VM_BUG_ON_PAGE(PagePoisoned(page)) when unpoison memory
W↗2025-09-23