CVE-2025-39678

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2025-39678

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-39678.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2025-39678

Downstream

BELL-CVE-2025-39678

DEBIAN-CVE-2025-39678

MINI-g78m-w27x-fhgq

ROOT-OS-DEBIAN-13-CVE-2025-39678

ROOT-OS-UBUNTU-2404-CVE-2025-39678

SUSE-SU-2025:03600-1

SUSE-SU-2025:03601-1

SUSE-SU-2025:03602-1

SUSE-SU-2025:03633-1

SUSE-SU-2025:03634-1

SUSE-SU-2025:20851-1

SUSE-SU-2025:20861-1

SUSE-SU-2025:20870-1

SUSE-SU-2025:20898-1

SUSE-SU-2025:21074-1

SUSE-SU-2025:21139-1

SUSE-SU-2025:21179-1

SUSE-SU-2025:3725-1

SUSE-SU-2025:3751-1

UBUNTU-CVE-2025-39678

USN-8095-1

USN-8095-2

USN-8095-3

USN-8100-1

openSUSE-SU-2025:20081-1

Related

Published

2025-09-05T17:20:44.246Z

Modified

2026-03-20T12:42:59.992653Z

Summary

platform/x86/amd/hsmp: Ensure sock->metric_tbl_addr is non-NULL

Details

In the Linux kernel, the following vulnerability has been resolved:

platform/x86/amd/hsmp: Ensure sock->metrictbladdr is non-NULL

If metric table address is not allocated, accessing metrics_bin will result in a NULL pointer dereference, so add a check.

Database specific

{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/39xxx/CVE-2025-39678.json",
    "cna_assigner": "Linux"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

5150542b8ec5fb561be080ed0ef3bab8598154c3

Fixed

782977c0d8ba432b6fd3d5d0d87016a523ec1c69

Fixed

d47782d5c0cb87b9826041f34505580204ccf703

Fixed

2c78fb287e1f430b929f2e49786518350d15605c

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-39678.json"