Memory Management Flaw in Linux Kernel Impacting Tracer Hash Functionality
CVE-2025-39689

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 5 September 2025

What is CVE-2025-39689?

A memory management flaw exists in the Linux kernel related to the handling of tracer hashes within the ftrace subsystem. The vulnerability allows for an improper allocation of pointers when reading filter files, leading to potential use-after-free conditions. Unlike writers that correctly allocate copies of the hash for their iterators, the reader maintains a static pointer. This discrepancy poses risks during function calls that release locks, as the global tracer hashes can be updated unexpectedly. The recent fix enhances the code by ensuring a proper allocation and copy of the hash for readers, thus mitigating these risks and streamlining the overall code structure.

Affected Version(s)

Linux c20489dad156dd9919ebd854bbace46dbd2576a3 < 12064e1880fc9202be75ff668205b1703d92f74f

Linux c20489dad156dd9919ebd854bbace46dbd2576a3

References

https://git.kernel.org/stable/c/12064e1880fc9202be75ff668...

https://git.kernel.org/stable/c/c4cd93811e038d19f96198573...

https://git.kernel.org/stable/c/e0b6b223167e1edde5c82edf3...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 5, 2025
Vulnerability Reserved
Apr 16, 2025