Linux Kernel User Access Integer Overflow Vulnerability

Vulnerability

A vulnerability in the Linux kernel's user access handling has been addressed. Three architectures improperly check the end of a user access against the address limit, potentially leading to an integer overflow. This flaw allows the passing of a negative length or another overflow, resulting in a false success return when it should not occur. The vulnerability has been fixed by adopting a more reliable implementation that optimizes for a constant 'size' argument, transforming the common case into a single comparison.

Impact

Exploitation of this vulnerability could lead to incorrect user access validation, allowing for potential memory corruption or unauthorized access.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

5.0

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

5.0

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel User Access Integer Overflow Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating