#VU115996 Improper Initialization in Linux kernel - CVE-2025-39844
Published: September 22, 2025
Vulnerability identifier: #VU115996
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2025-39844
CWE-ID: CWE-665
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Linux kernel
Linux kernel
Software vendor:
Linux Foundation
Linux Foundation
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper initialization within the include/linux/vmalloc.h. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's repository.
External links
- https://git.kernel.org/stable/c/469f9d22751472b81eaaf8a27fcdb5a70741c342
- https://git.kernel.org/stable/c/4f7537772011fad832f83d6848f8eab282545bef
- https://git.kernel.org/stable/c/6797a8b3f71b2cb558b8771a03450dc3e004e453
- https://git.kernel.org/stable/c/732e62212f49d549c91071b4da7942ee3058f7a2
- https://git.kernel.org/stable/c/7cc183f2e67d19b03ee5c13a6664b8c6cc37ff9d
- https://git.kernel.org/stable/c/eceb44e1f94bd641b2a4e8c09b64c797c4eabc15