CVE-2025-39795
MEDIUMLinux Kernel - Integer Overflow in blk_stack_limits() Chunk Sectors Check
Title source: llmDescription
In the Linux kernel, the following vulnerability has been resolved: block: avoid possible overflow for chunk_sectors check in blk_stack_limits() In blk_stack_limits(), we check that the t->chunk_sectors value is a multiple of the t->physical_block_size value. However, by finding the chunk_sectors value in bytes, we may overflow the unsigned int which holds chunk_sectors, so change the check to be based on sectors.
References (12)
Core 12
Core References
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
Vendor Advisory
https://cert-portal.siemens.com/productcert/html/ssa-032379.html
Vendor Advisory
https://cert-portal.siemens.com/productcert/html/ssa-082556.html
Scores
CVSS v3
5.5
EPSS
0.0015
EPSS Percentile
4.5%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-674
Status
published
Products (27)
debian/debian_linux
11.0
linux/Kernel
5.10.0 - 5.10.241linux
linux/Kernel
5.11.0 - 5.15.190linux
linux/Kernel
5.16.0 - 6.1.149linux
linux/Kernel
6.13.0 - 6.15.11linux
linux/Kernel
6.16.0 - 6.16.2linux
linux/Kernel
6.2.0 - 6.6.103linux
linux/Kernel
6.7.0 - 6.12.43linux
Linux/Linux
< 5.10
Linux/Linux
22ada802ede89829dd010a317d9b812b7df7111a - 14beeef4aafecc8a41de534e31fb5be94739392f
... and 17 more
Published
Sep 12, 2025
Tracked Since
Feb 18, 2026