CVE-2025-39714 | media: usbtv: Lock resolution while streaming

In the Linux kernel, the following vulnerability has been resolved: media: usbtv: Lock resolution while streaming When an program is streaming (ffplay) and another program (qv4l2) changes the TV standard from NTSC to PAL, the kernel crashes due to trying to copy to unmapped memory. Changing from NTSC to PAL increases the resolution in the usbtv struct, but the video plane buffer isn't adjusted, so it overflows. [hverkuil: call vb2_is_busy instead of vb2_is_streaming]

Published: 2025-09-05 Last update: 2026-05-12 Assigner: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
NVD Status:ModifiedCVE State: published
View at NVD, CVE.org, EUVD

CVE-2025-39714 is rated Low Risk (23.7/100): CVSS Medium severity, with low exploitation likelihood (EPSS 0.02%). Monitor for updates and reassess as exploit intelligence or EPSS changes.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Exploit prediction scoring system (EPSS) score for CVE-2025-39714

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

# Date Old EPSS score New EPSS score Delta (New - Old)
1 2026-01-13 0.06% 0.02% -0.04%
2 2026-01-05 0.02% 0.06% +0.04%
3 2025-09-06 0.02%

Full EPSS history (3 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2025-39714

CVSS metrics for this CVE.

Base score Version Severity Vector Exploitability Impact Score source
5.5 3.1 MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Click to expand
Attack vector (AV:L)
They already need access on the box, or another person has to do something wrong; it’s not a remote drive-by.
Attack complexity (AC:L)
Once they can reach the bug, pulling it off is straightforward—no weird race conditions or rare setup.
Privileges required (PR:L)
A normal user session is enough; they don’t have to be admin.
User interaction (UI:N)
Nobody has to click “OK” or open a trap file; it can work without a victim helping.
Scope (S:U)
Damage stays in the same “trust bubble” as the broken component—no big spill into unrelated systems.
Confidentiality (C:N)
Doesn’t really leak secrets in a meaningful way.
Integrity (I:N)
Data isn’t meaningfully altered or forged.
Availability (A:H)
Could take the service down hard or make it unusable for people who depend on it.
 1.8 3.6 [email protected]

Weakness enumeration for CVE-2025-39714

GitHub Security Advisory for CVE-2025-39714

GHSA-45h6-97cw-2x6c · Severity: medium — In the Linux kernel, the following vulnerability has been resolved: media: usbtv: Lock...

OS Trackers for CVE-2025-39714

vendor priority summary link
debian not yet assigned CVE-2025-39714 not yet assigned priority: Debian including 2 source packages (linux, linux-6.1), 6 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): resolved 6. https://security-tracker.debian.org/tracker/CVE-2025-39714
redhat https://access.redhat.com/security/cve/CVE-2025-39714
suse medium CVE-2025-39714 severity moderate: SUSE including 463 source package names (2.1.3-6.80:kernel-default-base-6.4.0-35.1.21.12, 2.1.3-7.57:kernel-default-6.4.0-35.1, …), 898 product×package rows across 183 product lines (Container suse/sl-micro/6.0/base-os-container, Container suse/sl-micro/6.0/kvm-os-container, … (183 product lines)): Fixed 619, Known Affected 231, First Fixed 21, Will Not Fix 19, Known Not Affected 8. https://www.suse.com/security/cve/CVE-2025-39714/
ubuntu medium CVE-2025-39714 medium priority: Ubuntu including 158 source packages (linux, linux-allwinner-5.19, …), 1414 status rows across 9 suites (bionic, focal, jammy, noble, plucky, questing, trusty, upstream, xenial): DNE 1017, ignored 179, released 150, needed 47, not-affected 18, needs-triage 2, pending 1. https://ubuntu.com/security/CVE-2025-39714

Affected software / configurations for CVE-2025-39714

Vendor Product Version Raw CPE
linux linux_kernel >= 3.14, < 5.4.297 cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
linux linux_kernel >= 5.5, < 5.10.241 cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
linux linux_kernel >= 5.11, < 5.15.190 cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
linux linux_kernel >= 5.16, < 6.1.149 cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
linux linux_kernel >= 6.2, < 6.6.103 cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
linux linux_kernel >= 6.7, < 6.12.44 cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
linux linux_kernel >= 6.13, < 6.16.4 cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
debian debian_linux 11.0 cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*

References for CVE-2025-39714

URL Tags
https://git.kernel.org/stable/c/3d83d0b5ae5045a7a246ed116b5f6c688a12f9e9 Patch
https://git.kernel.org/stable/c/5427dda195d6baf23028196fd55a0c90f66ffa61 Patch
https://git.kernel.org/stable/c/7e40e0bb778907b2441bff68d73c3eb6b6cd319f Patch
https://git.kernel.org/stable/c/9f886d21e235c4bd038cb20f6696084304197ab3 Patch
https://git.kernel.org/stable/c/c35e7c7a004ef379a1ae7c7486d4829419acad1d Patch
https://git.kernel.org/stable/c/c3d75524e10021aa5c223d94da4996640aed46c0 Patch
https://git.kernel.org/stable/c/ee7bade8b9244834229b12b6e1e724939bedd484 Patch
https://git.kernel.org/stable/c/ef9b3c22405192afaa279077ddd45a51db90b83d Patch
https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html Mailing List Third Party Advisory
https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html Mailing List Third Party Advisory
https://cert-portal.siemens.com/productcert/html/ssa-032379.html
cvelogic Threat Intelligence