CVE-2025-39786

7.1 HIGH

📋 TL;DR

This CVE describes an out-of-bounds memory access vulnerability in the Linux kernel's AD7173 ADC driver. An attacker could potentially read or write kernel memory beyond allocated bounds, leading to system crashes or privilege escalation. This affects Linux systems using the AD7173 analog-to-digital converter driver.

💻 Affected Systems

Products:
  • Linux kernel with AD7173 ADC driver
Versions: Linux kernel versions before fixes in stable commits 0eb8d7b25397330beab8ee62c681975b79f37223 and 2def1a8691eb43654da0ae0d2fdb3722e20262a5
Operating Systems: Linux distributions using vulnerable kernel versions
Default Config Vulnerable: ✅ No
Notes: Only vulnerable if AD7173 ADC hardware is present and the driver is loaded; requires a specific device tree configuration.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...


⚠️ Risk & Real-World Impact

🔴

Worst Case

Kernel memory corruption leading to privilege escalation, system crash, or arbitrary code execution in kernel context.

🟠

Likely Case

System instability, kernel panic, or denial of service due to invalid memory access.

🟢

If Mitigated

Limited impact if driver is not loaded or device not present; potential system crash if exploited.

🌐 Internet-Facing: LOW - Requires local access or specialized hardware interface.
🏢 Internal Only: MEDIUM - Local attackers with hardware access could exploit; requires specific ADC hardware.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: HIGH

Exploitation requires local access, specific hardware, and knowledge of device configuration; no public exploits known.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Linux kernel with commits 0eb8d7b25397330beab8ee62c681975b79f37223 and 2def1a8691eb43654da0ae0d2fdb3722e20262a5

Vendor Advisory: https://git.kernel.org/stable/c/0eb8d7b25397330beab8ee62c681975b79f37223

Restart Required: Yes

Instructions:

1. Update the Linux kernel to a version containing the fixes.
2. Reboot the system.
3. Verify that the driver version matches the patched kernel.

🔧 Temporary Workarounds

Disable AD7173 driver
Platform: linux
Prevent loading of the vulnerable driver module:

echo 'blacklist ad7173' >> /etc/modprobe.d/blacklist.conf
rmmod ad7173

Remove hardware
Platform: all
Physically remove the AD7173 ADC hardware if it is not required.

🧯 If You Can't Patch

  • Restrict physical access to systems with AD7173 hardware
  • Monitor system logs for kernel panics or unusual driver behavior

🔍 How to Verify

Check if Vulnerable:

Check whether the AD7173 driver is loaded: lsmod | grep ad7173; then compare the running kernel version against the patched versions.

Check Version:

uname -r

Verify Fix Applied:

Verify that the running kernel version includes the fix commits; test access to the syscalib_mode attribute.

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic messages
  • Out of bounds memory access errors in dmesg
  • Driver initialization failures

Network Indicators:

  • None - local hardware vulnerability

SIEM Query:

source="kernel" AND ("ad7173" OR "out of bounds" OR "kernel panic")
