In the Linux kernel, the following vulnerability has been resolved: ARM: tegra: Use I/O memcpy to write to IRAM Kasan crashes the kernel trying to check boundaries when using the normal memcpy.

Metrics

No CVSS v4.0

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00049.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Linux
  • Linux Kernel

No data.

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

Vendors Products
Linux
  • Linux Kernel
References
Link Providers
https://git.kernel.org/stable/c/2499b0ac908eefbb8a217aae609b7a5b5174f330 cve-icon cve-icon
https://git.kernel.org/stable/c/30ef45b89a5961cdecf907ecff1ef3374d1de510 cve-icon cve-icon
https://git.kernel.org/stable/c/387435f4833f97aabfd74434ee526e31e8a626ea cve-icon cve-icon
https://git.kernel.org/stable/c/398e67e0f5ae04b29bcc9cbf342e339fe9d3f6f1 cve-icon cve-icon
https://git.kernel.org/stable/c/46b3a7a3a36d5833f14914d1b95c69d28c6a76d6 cve-icon cve-icon
https://git.kernel.org/stable/c/75a3bdfeed2f129a2c7d9fd7779382b78e35b014 cve-icon cve-icon
https://git.kernel.org/stable/c/96d6605bf0561d6e568b1dd9265a0f73b5b94f51 cve-icon cve-icon
https://git.kernel.org/stable/c/9b0b3b5e5cae95e09bf0ae4a9bcb58d9b6d57f87 cve-icon cve-icon
https://git.kernel.org/stable/c/b28c1a14accc79ead1e87bbdae53309da60be1e7 cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html cve-icon
https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html cve-icon
https://lore.kernel.org/linux-cve-announce/2025091223-CVE-2025-39794-9d67@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-39794 cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-39794 cve-icon
History

Fri, 02 Jan 2026 15:45:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Mon, 03 Nov 2025 18:30:00 +0000

Type Values Removed Values Added
References

Tue, 30 Sep 2025 00:15:00 +0000

Type Values Removed Values Added
References
Metrics threat_severity

None

 cvssV3_1

{'score': 7.0, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H'}

threat_severity

Moderate

Mon, 15 Sep 2025 10:45:00 +0000

Type Values Removed Values Added
First Time appeared Linux
Linux linux Kernel
Vendors & Products Linux
Linux linux Kernel

Fri, 12 Sep 2025 16:15:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: ARM: tegra: Use I/O memcpy to write to IRAM Kasan crashes the kernel trying to check boundaries when using the normal memcpy.
Title ARM: tegra: Use I/O memcpy to write to IRAM
References
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-01-02T15:32:21.921Z

Reserved: 2025-04-16T07:20:57.132Z

Link: CVE-2025-39794

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Awaiting Analysis

Published: 2025-09-12T16:15:33.700

Modified: 2025-11-03T18:16:47.527

Link: CVE-2025-39794

cve-icon Redhat

Severity : Moderate

Publid Date: 2025-09-12T00:00:00Z

Links: CVE-2025-39794 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2025-09-15T10:43:48Z