CVE-2025-39869
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2025-39869
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-39869.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-39869
- Downstream
- Related
- Published
- 2025-09-23T06:00:43.852Z
- Modified
- 2025-11-28T02:33:50.417167Z
- Summary
- dmaengine: ti: edma: Fix memory allocation size for queue_priority_map
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
dmaengine: ti: edma: Fix memory allocation size for queueprioritymap
Fix a critical memory allocation bug in edmasetupfromhw() where queueprioritymap was allocated with insufficient memory. The code declared queuepriority_map as s8 (*)[2] (pointer to array of 2 s8), but allocated memory using sizeof(s8) instead of the correct size.
This caused out-of-bounds memory writes when accessing: queueprioritymap[i][0] = i; queueprioritymap[i][1] = i;
The bug manifested as kernel crashes with "Oops - undefined instruction" on ARM platforms (BeagleBoard-X15) during EDMA driver probe, as the memory corruption triggered kernel hardening features on Clang.
Change the allocation to use sizeof(*queueprioritymap) which automatically gets the correct size for the 2D array structure.
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/39xxx/CVE-2025-39869.json" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/069fd1688c57c0cc8a3de64d108579b31676f74b
- https://git.kernel.org/stable/c/1baed10553fc8b388351d8fc803e3ae6f1a863bc
- https://git.kernel.org/stable/c/301a96cc4dc006c9a285913d301e681cfbf7edb6
- https://git.kernel.org/stable/c/5e462fa0dfdb52b3983cf41532d3d4c7d63e2f93
- https://git.kernel.org/stable/c/7d4de60d6db02d9b01d5890d5156b04fad65d07a
- https://git.kernel.org/stable/c/d5e82f3f2c918d446df46e8d65f8083fd97cdec5
- https://git.kernel.org/stable/c/d722de80ce037dccf6931e778f4a46499d51bdf9
- https://git.kernel.org/stable/c/e63419dbf2ceb083c1651852209c7f048089ac0f
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/39xxx/CVE-2025-39869.json
- https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
- https://nvd.nist.gov/vuln/detail/CVE-2025-39869
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced2b6b3b7420190888793c49e97276e1e73bd7eaedFixed7d4de60d6db02d9b01d5890d5156b04fad65d07aFixedd722de80ce037dccf6931e778f4a46499d51bdf9Fixed301a96cc4dc006c9a285913d301e681cfbf7edb6Fixed5e462fa0dfdb52b3983cf41532d3d4c7d63e2f93Fixed1baed10553fc8b388351d8fc803e3ae6f1a863bcFixed069fd1688c57c0cc8a3de64d108579b31676f74bFixedd5e82f3f2c918d446df46e8d65f8083fd97cdec5Fixede63419dbf2ceb083c1651852209c7f048089ac0f
Linux / Kernel
Package
- Name
- Kernel
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced4.4.0Fixed5.4.300
- Type
- ECOSYSTEM
- Events
-
Introduced5.5.0Fixed5.10.245
- Type
- ECOSYSTEM
- Events
-
Introduced5.11.0Fixed5.15.194
- Type
- ECOSYSTEM
- Events
-
Introduced5.16.0Fixed6.1.153
- Type
- ECOSYSTEM
- Events
-
Introduced6.2.0Fixed6.6.107
- Type
- ECOSYSTEM
- Events
-
Introduced6.7.0Fixed6.12.48
- Type
- ECOSYSTEM
- Events
-
Introduced6.13.0Fixed6.16.8