SB20250916397 - Input validation error in Linux kernel acpi driver
Published: September 16, 2025
Security Bulletin ID
SB20250916397
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Input validation error (CVE-ID: CVE-2025-39799)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the acpi_processor_ppc_init() function in drivers/acpi/processor_perflib.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/19849010c9e18d54375091864a3313fc328d6186
- https://git.kernel.org/stable/c/31ee723d6fc581b76396994a96b85be3e87f67d6
- https://git.kernel.org/stable/c/8972d7dbdac029c9dbf62a45d7d8c71999785765
- https://git.kernel.org/stable/c/bf2809541497749c4f2646b87bf75244f5a2a5d9
- https://git.kernel.org/stable/c/cb4b5f4a1e778f6a20d06d4eda6842714a817618
- https://git.kernel.org/stable/c/d405ec23df13e6df599f5bd965a55d13420366b8
- https://git.kernel.org/stable/c/edc065c19257adfd9c356178dac021df661e169e
- https://git.kernel.org/stable/c/fc36403e741d7674a44632313db33fa7605cb2b4
- https://git.kernel.org/stable/c/fd9cad6b0676e0bb3a98ee0a8865a86e2f53eb07