SB2025092233 - Improper Initialization in Linux kernel
Published: September 22, 2025
Security Bulletin ID
SB2025092233
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Improper Initialization (CVE-ID: CVE-2025-39844)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper initialization within the include/linux/vmalloc.h. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/469f9d22751472b81eaaf8a27fcdb5a70741c342
- https://git.kernel.org/stable/c/4f7537772011fad832f83d6848f8eab282545bef
- https://git.kernel.org/stable/c/6797a8b3f71b2cb558b8771a03450dc3e004e453
- https://git.kernel.org/stable/c/732e62212f49d549c91071b4da7942ee3058f7a2
- https://git.kernel.org/stable/c/7cc183f2e67d19b03ee5c13a6664b8c6cc37ff9d
- https://git.kernel.org/stable/c/eceb44e1f94bd641b2a4e8c09b64c797c4eabc15