Alpaquita LinuxStreamSecurity Advisory
Search Cve

CVE-2025-39902

Published: October 3, 2025Last modified: October 3, 2025

Description

In the Linux kernel, the following vulnerability has been resolved: mm/slub: avoid accessing metadata when pointer is invalid in object_err() object_err() reports details of an object for further debugging, such as the freelist pointer, redzone, etc. However, if the pointer is invalid, attempting to access object metadata can lead to a crash since it does not point to a valid object. One known path to the crash is when alloc_consistency_checks() determines the pointer to the allocated object is invalid because of a freelist corruption, and calls object_err() to report it. The debug code should report and handle the corruption gracefully and not crash in the process. In case the pointer is NULL or check_valid_pointer() returns false for the pointer, only print the pointer value and skip accessing metadata.

Status

ProductReleasePackageStatus
Alpaquita Linux23 LTSlinux-ltsFixed (6.1.151-r0)
25 LTSlinux-ltsFixed (6.12.51-r0)
Streamlinux-ltsFixed (6.12.46-r0)

References

ON THIS PAGE