Vulnerability Database

318,206

Total vulnerabilities in the database

CVE-2025-39920

In the Linux kernel, the following vulnerability has been resolved:

pcmcia: Add error handling for add_interval() in do_validate_mem()

In the do_validate_mem(), the call to add_interval() does not handle errors. If kmalloc() fails in add_interval(), it could result in a null pointer being inserted into the linked list, leading to illegal memory access when sub_interval() is called next.

This patch adds an error handling for the add_interval(). If add_interval() returns an error, the function will return early with the error code.

  • Published: Oct 1, 2025
  • Updated: Jan 17, 2026
  • CVE: CVE-2025-39920
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 5.5
  • AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWEs:

Software From Fixed in
linux / linux_kernel 2.6.34 5.4.299
linux / linux_kernel 5.5 5.10.243
linux / linux_kernel 5.11 5.15.192
linux / linux_kernel 5.16 6.1.151
linux / linux_kernel 6.2 6.6.105
linux / linux_kernel 6.7 6.12.46
linux / linux_kernel 6.13 6.16.6
linux / linux_kernel 6.17-rc1 6.17-rc1.x
linux / linux_kernel 6.17-rc2 6.17-rc2.x
linux / linux_kernel 6.17-rc3 6.17-rc3.x
linux / linux_kernel 6.17-rc4 6.17-rc4.x
debian / debian_linux 11.0 11.0.x