Strix
26.1K

CVE-2025-39787

MEDIUMCVSS 5.5/10EPSS 0.15%

Last modified

CVE-2025-39787 is a medium-severity vulnerability rated 5.5/10 on the CVSS scale. In the Linux kernel, the following vulnerability has been resolved: soc: qcom: mdt_loader: Ensure we don't read past the ELF header When the MDT loader is used in remoteproc, the ELF header is sanitized beforehand, but that's not necessary the case for other clients. Validate the size of the firmware buffer to ensure that we don't read past the end as we iterate over the header. e_phentsize and e_shentsize are validated as well, to ensure that the assumptions about step size in the traversal are valid.. EPSS estimates a 0.15% chance of exploitation in the next 30 days.

Description

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: mdt_loader: Ensure we don't read past the ELF header When the MDT loader is used in remoteproc, the ELF header is sanitized beforehand, but that's not necessary the case for other clients. Validate the size of the firmware buffer to ensure that we don't read past the end as we iterate over the header. e_phentsize and e_shentsize are validated as well, to ensure that the assumptions about step size in the traversal are valid.

Metrics

CVSS 3.1
5.5/10

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS Probability
0.15%

4.4th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

VendorProductVersions
LinuxLinux Kernel>= 4.11, < 5.4.297
LinuxLinux Kernel>= 5.5, < 5.10.241
LinuxLinux Kernel>= 5.11, < 5.15.190
LinuxLinux Kernel>= 5.16, < 6.1.149
LinuxLinux Kernel>= 6.2, < 6.6.103
LinuxLinux Kernel>= 6.7, < 6.12.44
LinuxLinux Kernel>= 6.13, < 6.16.4
DebianDebian Linux11.0

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2025-39787?
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: mdt_loader: Ensure we don't read past the ELF header When the MDT loader is used in remoteproc, the ELF header is sanitized beforehand, but that's not necessary the case for other clients. Validate the size of the firmware buffer to ensure that we don't read past the end as we iterate over the header. e_phentsize and e_shentsize are validated as well, to ensure that the assumptions about step size in the traversal are valid.
How severe is CVE-2025-39787?
CVE-2025-39787 has a CVSS score of 5.5/10 (MEDIUM severity). The EPSS model estimates a 0.15% probability of exploitation in the next 30 days.
How do I fix CVE-2025-39787?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2025-39787?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST