CVE-2025-39902
Published: Oct 1, 2025
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: mm/slub: avoid accessing metadata when pointer is invalid in object_err() object_err() reports details of an object for further debugging, such as the freelist pointer, redzone, etc. However, if the pointer is invalid, attempting to access object metadata can lead to a crash since it does not point to a valid object. One known path to the crash is when alloc_consistency_checks() determines the pointer to the allocated object is invalid because of a freelist corruption, and calls object_err() to report it. The debug code should report and handle the corruption gracefully and not crash in the process. In case the pointer is NULL or check_valid_pointer() returns false for the pointer, only print the pointer value and skip accessing metadata.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 81819f0fc8285a2a5a921c019e3e3d7b6169d225 - < 872f2c34ff232af1e65ad2df86d61163c8ffad42affected 81819f0fc8285a2a5a921c019e3e3d7b6169d225 - < f66012909e7bf383fcdc5850709ed5716073fdc4affected 81819f0fc8285a2a5a921c019e3e3d7b6169d225 - < 7e287256904ee796c9477e3ec92b07f236481ef3affected 81819f0fc8285a2a5a921c019e3e3d7b6169d225 - < 1f0797f17927b5cad0fb7eced422f9a7c30a3191affected 81819f0fc8285a2a5a921c019e3e3d7b6169d225 - < 0ef7058b4dc6fcef622ac23b45225db57f17b83f+3 more versions |
Linux | Linux | affected 2.6.22unaffected 0 - < 2.6.22unaffected 5.4.299 - <= 5.4.*unaffected 5.10.243 - <= 5.10.*unaffected 5.15.192 - <= 5.15.*+5 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now