CVE-2025-39898

high

Description

In the Linux kernel, the following vulnerability has been resolved: e1000e: fix heap overflow in e1000_set_eeprom Fix a possible heap overflow in e1000_set_eeprom function by adding input validation for the requested length of the change in the EEPROM. In addition, change the variable type from int to size_t for better code practices and rearrange declarations to RCT.

References

https://git.kernel.org/stable/c/ea832ec0583e2398ea0c5ed8d902c923e16f53c4

https://git.kernel.org/stable/c/ce8829d3d44b8622741bccca9f4408bc3da30b2b

https://git.kernel.org/stable/c/b48adcacc34fbbc49046a7ee8a97839bef369c85

https://git.kernel.org/stable/c/b370f7b1f470a8d5485cc1e40e8ff663bb55d712

https://git.kernel.org/stable/c/99a8772611e2d7ec318be7f0f072037914a1f509

https://git.kernel.org/stable/c/90fb7db49c6dbac961c6b8ebfd741141ffbc8545

https://git.kernel.org/stable/c/50a84d5c814039ad2abe2748aec3e89324a548a7

https://git.kernel.org/stable/c/0aec3211283482cfcdd606d1345e1f9acbcabd31

Details

Source: Mitre, NVD

Published: 2025-10-01

Updated: 2025-10-02

Risk Information

CVSS v2

Base Score: 7.2

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.0003