CVE-2025-39848

5.5 MEDIUM

Denial of Service

📋 TL;DR

A memory corruption vulnerability in the Linux kernel's AX.25 protocol implementation allows attackers to cause kernel crashes or potentially execute arbitrary code by sending specially crafted KISS (Keep It Simple Stupid) packets. This affects Linux systems with AX.25 protocol support enabled, particularly amateur radio and packet radio systems. The vulnerability stems from improper handling of shared socket buffers (skbs) in the ax25_kiss_rcv() function.

💻 Affected Systems

Products:

Linux kernel

Versions: Linux kernel versions before the fix commits (specific versions vary by distribution)

Operating Systems: Linux distributions with vulnerable kernel versions

Default Config Vulnerable: ✅ No

Notes: Only vulnerable if AX.25 protocol support is compiled into the kernel or loaded as a module, and the system processes AX.25 KISS packets.

📦 What is this software?

Debian Linux by Debian

View all CVEs affecting Debian Linux →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Kernel panic leading to system crash and denial of service, with potential for arbitrary code execution in kernel context.

🟠

Likely Case

System crash or kernel panic resulting in denial of service, requiring system reboot.

🟢

If Mitigated

No impact if AX.25 protocol is disabled or systems are not exposed to malicious AX.25 traffic.

🌐 Internet-Facing: LOW - AX.25 is primarily used in amateur radio networks, not typically internet-facing.

🏢 Internal Only: MEDIUM - Internal amateur radio/packet radio networks could be affected if malicious actors have access.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: MEDIUM

Exploitation requires sending specially crafted AX.25 KISS packets to vulnerable systems. No public exploit code is known at this time.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Linux kernel with commits 01a2984cb803f2d487b7074f9718db2bf3531f69, 2bd0f67212908243ce88e35bf69fa77155b47b14, 42b46684e2c78ee052d8c2ee8d9c2089233c9094, 5b079be1b9da49ad88fc304c874d4be7085f7883, or 7d449b7a6c8ee434d10a483feed7c5c50108cf56 applied

Vendor Advisory: https://git.kernel.org/stable/c/01a2984cb803f2d487b7074f9718db2bf3531f69

Restart Required: Yes

Instructions:

1. Update Linux kernel to patched version from your distribution vendor. 2. Reboot system to load new kernel. 3. Verify kernel version after reboot.

🔧 Temporary Workarounds

Disable AX.25 protocol

Linux

Remove or blacklist AX.25 kernel module to prevent vulnerability exploitation

rmmod ax25
echo 'blacklist ax25' >> /etc/modprobe.d/blacklist.conf

🧯 If You Can't Patch

Disable AX.25 protocol support if not required
Implement network segmentation to isolate AX.25 traffic from untrusted sources

🔍 How to Verify

Check if Vulnerable:

Check if AX.25 module is loaded: lsmod | grep ax25. If loaded and kernel version is unpatched, system is vulnerable.

Check Version:

uname -r

Verify Fix Applied:

Check kernel version matches patched version from your distribution and verify AX.25 module functions normally.

📡 Detection & Monitoring

Log Indicators:

Kernel panic messages
System crash/reboot logs
AX.25 protocol errors in kernel logs

Network Indicators:

Unusual AX.25 packet patterns
Malformed KISS packets

SIEM Query:

source="kernel" AND ("panic" OR "oops" OR "BUG") AND "ax25"

📊 Metadata

CVE ID: CVE-2025-39848

CVSS v3 Score: 5.5 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-401

EPSS Score: 0.02% exploit probability (5.1th percentile)

Published: September 19, 2025

Last Updated: January 20, 2026

🔗 References

https://git.kernel.org/stable/c/01a2984cb803f2d487b7074f9718db2bf3531f69 Patch
https://git.kernel.org/stable/c/2bd0f67212908243ce88e35bf69fa77155b47b14 Patch
https://git.kernel.org/stable/c/42b46684e2c78ee052d8c2ee8d9c2089233c9094 Patch
https://git.kernel.org/stable/c/5b079be1b9da49ad88fc304c874d4be7085f7883 Patch
https://git.kernel.org/stable/c/7d449b7a6c8ee434d10a483feed7c5c50108cf56 Patch
https://git.kernel.org/stable/c/8156210d36a43e76372312c87eb5ea3dbb405a85 Patch
https://git.kernel.org/stable/c/89064cf534bea4bb28c83fe6bbb26657b19dd5fe Patch
https://git.kernel.org/stable/c/b1c71d674a308d2fbc83efcf88bfc4217a86aa17 Patch
https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html Third Party Advisory,Mailing List
https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html Third Party Advisory,Mailing List