CVE-2025-39778

HIGH7.1

objtool, nvmet: Fix out-of-bounds stack access in nvmet_ctrl_state_show()

Published Apr 18, 2025

Modified 3 months ago

No fix available

Details

In the Linux kernel, the following vulnerability has been resolved:

objtool, nvmet: Fix out-of-bounds stack access in nvmet_ctrl_state_show()

The csts_state_names[] array only has six sparse entries, but the iteration code in nvmet_ctrl_state_show() iterates seven, resulting in a potential out-of-bounds stack read. Fix that.

Fixes the following warning with an UBSAN kernel:

vmlinux.o: warning: objtool: .text.nvmet_ctrl_state_show: unexpected end of section

References

WEBhttps://git.kernel.org/stable/c/0cc0efc58d6c741b2868d4af24874d7fec28a575 WEBhttps://git.kernel.org/stable/c/107a23185d990e3df6638d9a84c835f963fe30a6 WEBhttps://git.kernel.org/stable/c/1adc93a525fdee8e2b311e6d5fd93eb69714ca05 WEBhttps://git.kernel.org/stable/c/8fbf37a3577b4d64c150cafde338eee17b2f2ea4 ADVISORYhttps://www.cve.org/CVERecord?id=CVE-2025-39778

CVSS Analysis

CVSS v3.1

7.1

Exploitability

Attack Vector

LocalAV:L

Attack Complexity

LowAC:L

Privileges Required

LowPR:L

User Interaction

NoneUI:N

Scope

UnchangedS:U

Impact

Confidentiality

HighC:H

Integrity

NoneI:N

Availability

HighA:H

7.1/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Ecosystems

Timeline

PublishedApr 18, 2025

ModifiedOct 1, 2025

CVE-2025-39778 | Mondoo Vulnerability Intelligence