CVE-2025-39794
Description
In the Linux kernel, the following vulnerability has been resolved:
ARM: tegra: Use I/O memcpy to write to IRAM
Kasan crashes the kernel trying to check boundaries when using the normal memcpy.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
In the Linux kernel, writing to ARM Tegra IRAM with the normal memcpy causes a KASAN crash; the fix uses I/O memcpy.
Vulnerability
Details
CVE-2025-39794 is a vulnerability in the Linux kernel affecting ARM Tegra platforms. The root cause is that the kernel used the standard memcpy function to write to Internal RAM (IRAM). The Kernel Address Sanitizer (KASAN) detects this as an invalid memory access because IRAM is not regular memory, causing a crash when KASAN checks memory access boundaries [1].
Exploitation
To trigger the vulnerability, an attacker would need to be able to trigger a write to IRAM on an affected ARM Tegra system with KASAN enabled. The write itself is a legitimate kernel operation, but the use of the wrong memcpy variant causes a crash. No special privileges are required beyond the ability to initiate such a write, which may be possible from user space or through kernel drivers [2].
Impact
If triggered, this vulnerability leads to a kernel crash (denial of service). The CVSS v3 base score is 5.5 (Medium), with the main impact being availability [1]. There is no indication of privilege escalation or information disclosure.
Mitigation
The fix is to replace the normal memcpy with an I/O memory copy function (such as memcpy_toio) that correctly handles accesses to IRAM. Patches have been submitted to the Linux kernel stable trees [3][4]. Users should update to a kernel version containing the fix. The product SIMATIC CN 4100 is also listed as affected and requires a firmware update [1].
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products (2)
- Linux/Linux v5 Range: 3.4
Patches
No patches discovered yet.
References (12)
- git.kernel.org/stable/c/2499b0ac908eefbb8a217aae609b7a5b5174f330 (nvd, Patch)
- git.kernel.org/stable/c/30ef45b89a5961cdecf907ecff1ef3374d1de510 (nvd, Patch)
- git.kernel.org/stable/c/387435f4833f97aabfd74434ee526e31e8a626ea (nvd, Patch)
- git.kernel.org/stable/c/398e67e0f5ae04b29bcc9cbf342e339fe9d3f6f1 (nvd, Patch)
- git.kernel.org/stable/c/46b3a7a3a36d5833f14914d1b95c69d28c6a76d6 (nvd, Patch)
- git.kernel.org/stable/c/75a3bdfeed2f129a2c7d9fd7779382b78e35b014 (nvd, Patch)
- git.kernel.org/stable/c/96d6605bf0561d6e568b1dd9265a0f73b5b94f51 (nvd, Patch)
- git.kernel.org/stable/c/9b0b3b5e5cae95e09bf0ae4a9bcb58d9b6d57f87 (nvd, Patch)
- git.kernel.org/stable/c/b28c1a14accc79ead1e87bbdae53309da60be1e7 (nvd, Patch)
- lists.debian.org/debian-lts-announce/2025/10/msg00007.html (nvd, Third Party Advisory)
- lists.debian.org/debian-lts-announce/2025/10/msg00008.html (nvd, Third Party Advisory)
- cert-portal.siemens.com/productcert/html/ssa-032379.html (nvd)
News mentions (1)
- Siemens SIMATIC (CISA ICS Advisories)