#VU115655 Input validation error in Linux kernel - CVE-2025-39799
Published: September 16, 2025
Vulnerability identifier: #VU115655
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2025-39799
CWE-ID: CWE-20
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Linux kernel
Linux kernel
Software vendor:
Linux Foundation
Linux Foundation
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the acpi_processor_ppc_init() function in drivers/acpi/processor_perflib.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's repository.
External links
- https://git.kernel.org/stable/c/19849010c9e18d54375091864a3313fc328d6186
- https://git.kernel.org/stable/c/31ee723d6fc581b76396994a96b85be3e87f67d6
- https://git.kernel.org/stable/c/8972d7dbdac029c9dbf62a45d7d8c71999785765
- https://git.kernel.org/stable/c/bf2809541497749c4f2646b87bf75244f5a2a5d9
- https://git.kernel.org/stable/c/cb4b5f4a1e778f6a20d06d4eda6842714a817618
- https://git.kernel.org/stable/c/d405ec23df13e6df599f5bd965a55d13420366b8
- https://git.kernel.org/stable/c/edc065c19257adfd9c356178dac021df661e169e
- https://git.kernel.org/stable/c/fc36403e741d7674a44632313db33fa7605cb2b4
- https://git.kernel.org/stable/c/fd9cad6b0676e0bb3a98ee0a8865a86e2f53eb07