CVE-2025-39787
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
11/09/2025
Last modified:
03/11/2025
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
soc: qcom: mdt_loader: Ensure we don&#39;t read past the ELF header<br />
<br />
When the MDT loader is used in remoteproc, the ELF header is sanitized<br />
beforehand, but that&#39;s not necessary the case for other clients.<br />
<br />
Validate the size of the firmware buffer to ensure that we don&#39;t read<br />
past the end as we iterate over the header. e_phentsize and e_shentsize<br />
are validated as well, to ensure that the assumptions about step size in<br />
the traversal are valid.
Impact
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/0d59ce2bfc3bb13abe6240335a1bf7b96536d022
- https://git.kernel.org/stable/c/1096eb63ecfc8df90b70cd068e6de0c2ff204dfd
- https://git.kernel.org/stable/c/43d26997d88c4056fce0324e72f62556bc7e8e8d
- https://git.kernel.org/stable/c/81278be4eb5f08ba2c68c3055893e61cc03727fe
- https://git.kernel.org/stable/c/87bfabb3b2f46827639173f143aa43f7cfc0a7e6
- https://git.kernel.org/stable/c/981c845f29838e468a9bfa87f784307193a31297
- https://git.kernel.org/stable/c/9f9967fed9d066ed3dae9372b45ffa4f6fccfeef
- https://git.kernel.org/stable/c/e1720eb32acf411c328af6a8c8f556c94535808e
- https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
- https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html