CVE-2025-39777 — Vulnetix

CVE-2025-39777 PUBLISHED CVSS 5.5 MEDIUM

In the Linux kernel, the following vulnerability has been resolved: crypto: acomp - Fix CFI failure due to type punning To avoid a crash when control flow integrity is enabled, make the workspace ("stream") free function use a consistent type, and call it through a function pointer that has that same type.

EPSS 0.03% · 7.4th percentile

Risk Scores

CVSS v3.1

5.5

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS Score

0.03%

7.4th percentile

Affected Products

Vendor	Product	Versions
linux	linux_kernel	6.16, 6.16, 6.16
Linux	Linux	42d9f6c774790d290c175e8775ce9f1366438098, 42d9f6c774790d290c175e8775ce9f1366438098, 6.16

Timeline

Sep 11, 2025 CVE Published
Sep 12, 2025 EPSS Score
Sep 19, 2025 EPSS Score
Sep 26, 2025 EPSS Score
Oct 4, 2025 EPSS Score
Oct 11, 2025 EPSS Score
Oct 18, 2025 EPSS Score
Oct 25, 2025 EPSS Score
Nov 1, 2025 EPSS Score
Nov 9, 2025 EPSS Score
Nov 16, 2025 EPSS Score
Nov 23, 2025 EPSS Score

References

https://git.kernel.org/stable/c/7ec68c59461ca846aab9b7c2b39f63ac7c8a43cf url
https://git.kernel.org/stable/c/962ddc5a7a4b04c007bba0f3e7298cda13c62efd url
https://nvd.nist.gov/vuln/detail/CVE-2025-39777 advisory

Open in Interactive Console →