CVE-2025-39836

Sažetak

In the Linux kernel, the following vulnerability has been resolved: efi: stmm: Fix incorrect buffer allocation method The communication buffer allocated by setup_mm_hdr() is later on passed to tee_shm_register_kernel_buf(). The latter expects those buffers to be contiguous pages, but setup_mm_hdr() just uses kmalloc(). That can cause various corruptions or BUGs, specifically since commit 9aec2fb0fd5e ("slab: allocate frozen pages"), though it was broken before as well. Fix this by using alloc_pages_exact() instead of kmalloc().

Reference

https://git.kernel.org/stable/c/630c0e6064daf84f17aad1a7d9ca76b562e3fe47
https://git.kernel.org/stable/c/77ff27ff0e4529a003c8a1c2492c111968c378d3
https://git.kernel.org/stable/c/c5e81e672699e0c5557b2b755cc8f7a69aa92bff

CVSS

Base:	0.0
Impact:	None
Exploitability:	None

Pristup

Vektor	Složenost	Autentikacija
None	None	None

Impact

Povjerljivost	Cjelovitost	Dostupnost
None	None	None

CVSS vektor

None

Zadnje važnije ažuriranje

17-09-2025 - 14:18

Objavljeno

16-09-2025 - 14:15