CVE-2025-39795
MediumCVSS 5.5Exploitation Probability (EPSS)
Low risk5th percentile - higher than 5% of all known CVEs
Summary
In the Linux kernel, a vulnerability was found in the blk_stack_limits() function in the block layer, where the chunk_sectors check could cause an unsigned integer overflow when converting to bytes. The fix changes the check to be sector-based.
Risk Assessment
The overflow could lead to incorrect block stack behavior, potentially causing system crashes or instability of block devices.
Recommendation
Immediately update the Linux kernel to a version containing the fix (commit in stable branch). Monitor official security advisories from your distribution.
Original NVD description (English source)
In the Linux kernel, the following vulnerability has been resolved: block: avoid possible overflow for chunk_sectors check in blk_stack_limits() In blk_stack_limits(), we check that the t->chunk_sectors value is a multiple of the t->physical_block_size value. However, by finding the chunk_sectors value in bytes, we may overflow the unsigned int which holds chunk_sectors, so change the check to be based on sectors.

