VDB
CVE-2025-39680
CVE-2025-39680
PUBLISHED
CVSS 7.099999904632568 HIGH
In the Linux kernel, the following vulnerability has been resolved: i2c: rtl9300: Fix out-of-bounds bug in rtl9300_i2c_smbus_xfer The data->block[0] variable comes from user. Without proper check, the variable may be very large to cause an out-of-bounds bug. Fix this bug by checking the value of data->block[0] first. 1. commit 39244cc75482 ("i2c: ismt: Fix an out-of-bounds bug in ismt_access()") 2. commit 92fbb6d1296f ("i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer()")
EPSS 0.03% · 10.5th percentile
Risk Scores
CVSS 3.1
7.099999904632568
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
EPSS Score
0.03%
10.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| linux | linux_kernel | 6.13, 6.13, 6.17 |
| Linux | Linux | 6.13, 0, 6.17 |
Exploit Intelligence
- https://git.kernel.org/stable/c/071e43fcba5ddd9a7813e6cc0aa10299eae41b21 (circl)
- https://git.kernel.org/stable/c/57f312b955938fc4663f430cb57a71f2414f601b (circl)
- TestCaseRule-CVE-2025-38555.yara (github-yara)
- TestCaseRule-CVE-2025-38555.yara (github-yara)
- TestCaseRule-CVE-2025-38555.yara (github-yara)
- TestCaseRule-CVE-2025-38555.yara (github-yara)
- TestCaseRule-CVE-2025-38555.yara (github-yara)
Timeline
- Jan 21, 1970 Security Advisory
- Sep 5, 2025 Coalition ESS Score
- Sep 5, 2025 CVE Published
- Sep 6, 2025 EPSS Score
- Sep 7, 2025 Coalition ESS Score
- Sep 8, 2025 Coalition ESS Score
- Sep 13, 2025 EPSS Score
- Sep 16, 2025 Coalition ESS Score
- Sep 21, 2025 EPSS Score
- Sep 28, 2025 EPSS Score
- Oct 6, 2025 EPSS Score
- Oct 8, 2025 Coalition ESS Score