CVE-2025-39680 — Vulnetix

Try Vulnetix Request Demo

CVE-2025-39680 PUBLISHED CVSS 7.099999904632568 HIGH

In the Linux kernel, the following vulnerability has been resolved: i2c: rtl9300: Fix out-of-bounds bug in rtl9300_i2c_smbus_xfer The data->block[0] variable comes from user. Without proper check, the variable may be very large to cause an out-of-bounds bug. Fix this bug by checking the value of data->block[0] first. 1. commit 39244cc75482 ("i2c: ismt: Fix an out-of-bounds bug in ismt_access()") 2. commit 92fbb6d1296f ("i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer()")

EPSS 0.02% · 5.8th percentile

Risk Scores

CVSS v3.1

7.099999904632568

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

EPSS Score

0.02%

5.8th percentile

Affected Products

Vendor	Product	Versions
linux	linux_kernel	6.13, 6.13, 6.13
Linux	Linux	c366be720235301fdadf67e6f1ea6ff32669c074, 6.17, c366be720235301fdadf67e6f1ea6ff32669c074

Timeline

Jan 21, 1970 Security Advisory
Sep 5, 2025 Coalition ESS Score
Sep 5, 2025 CVE Published
Sep 6, 2025 EPSS Score
Sep 7, 2025 Coalition ESS Score
Sep 8, 2025 Coalition ESS Score
Sep 13, 2025 EPSS Score
Sep 16, 2025 Coalition ESS Score
Sep 20, 2025 EPSS Score
Sep 27, 2025 EPSS Score
Oct 4, 2025 EPSS Score
Oct 8, 2025 Coalition ESS Score

References

Open in Interactive Console →