CVE-2025-39778

Published: Apr 18, 2025

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: objtool, nvmet: Fix out-of-bounds stack access in nvmet_ctrl_state_show() The csts_state_names[] array only has six sparse entries, but the iteration code in nvmet_ctrl_state_show() iterates seven, resulting in a potential out-of-bounds stack read. Fix that. Fixes the following warning with an UBSAN kernel: vmlinux.o: warning: objtool: .text.nvmet_ctrl_state_show: unexpected end of section

Vendor	Product	Versions
Linux	Linux	affected `649fd41420a816b11b07423ebf4dbd4ac1ac2905 - < 1adc93a525fdee8e2b311e6d5fd93eb69714ca05` affected `649fd41420a816b11b07423ebf4dbd4ac1ac2905 - < 8fbf37a3577b4d64c150cafde338eee17b2f2ea4` affected `649fd41420a816b11b07423ebf4dbd4ac1ac2905 - < 0cc0efc58d6c741b2868d4af24874d7fec28a575` affected `649fd41420a816b11b07423ebf4dbd4ac1ac2905 - < 107a23185d990e3df6638d9a84c835f963fe30a6`
Linux	Linux	affected `6.11` unaffected `0 - < 6.11` unaffected `6.12.23 - <= 6.12.` unaffected `6.13.11 - <= 6.13.` unaffected `6.14.2 - <= 6.14.*` +1 more versions

References

https://git.kernel.org/stable/c/1adc93a525fdee8e2b311e6d5fd93eb69714ca05

https://git.kernel.org/stable/c/8fbf37a3577b4d64c150cafde338eee17b2f2ea4

https://git.kernel.org/stable/c/0cc0efc58d6c741b2868d4af24874d7fec28a575

https://git.kernel.org/stable/c/107a23185d990e3df6638d9a84c835f963fe30a6

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-39778

Description

Affected Products

References