Main Vulnerability Database SB2025100165

SB2025100165 - Reachable assertion in Linux kernel core

Published: October 1, 2025

Security Bulletin ID SB2025100165

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Reachable assertion (CVE-ID: CVE-2025-39900)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to reachable assertion within the est_timer() function in net/core/gen_estimator.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

https://git.kernel.org/stable/c/9f74c0ea9b26d1505d55b61e36b1623dd347e1d1
https://git.kernel.org/stable/c/a22ec2ee824be30803068a52f78f7ffe3bc879fb
https://git.kernel.org/stable/c/e79923824c48b930609680be04cb29253fc4a17d