VYPR
High severity7.1NVD Advisory· Published Sep 5, 2025· Updated Jun 17, 2026

CVE-2025-39680

CVE-2025-39680

Description

In the Linux kernel, the following vulnerability has been resolved:

i2c: rtl9300: Fix out-of-bounds bug in rtl9300_i2c_smbus_xfer

The data->block[0] variable comes from user. Without proper check, the variable may be very large to cause an out-of-bounds bug.

Fix this bug by checking the value of data->block[0] first.

1. commit 39244cc75482 ("i2c: ismt: Fix an out-of-bounds bug in ismt_access()") 2. commit 92fbb6d1296f ("i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer()")

Affected products

2
  • Linux/Kernelllm-fuzzy2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: 6.13

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.