Data Race Vulnerability in the Linux Kernel
CVE-2025-39749

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
11 September 2025

What is CVE-2025-39749?

In certain configurations of the Linux kernel, a vulnerability arises due to a race condition involving the RCU (Read-Copy-Update) mechanism. Specifically, the function rcu_read_unlock_special() can operate within an interrupts-disabled context while simultaneously interacting with an irq-work handler, leading to potential data races. This situation can result in inconsistent states within the per-CPU rcu_data structure, particularly affecting the ->defer_qs_iw_pending field. The issue manifests in kernels using the rcutree.use_softirq=y setting and requires that interrupts be disabled during specific updates to ensure system stability. A recent commit has addressed this by disabling interrupts while the rcu_preempt_deferred_qs_handler function updates the relevant field.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 0864f057b050bc6dd68106b3185e02db5140012d < 74f58f382a7c8333f8d09701aefaa25913bdbe0e

Linux 0864f057b050bc6dd68106b3185e02db5140012d

Linux 0864f057b050bc6dd68106b3185e02db5140012d < 0ad84d62217488e679ecc90e8628980dcc003de3

References

https://git.kernel.org/stable/c/74f58f382a7c8333f8d09701a...
https://git.kernel.org/stable/c/f937759c7432d6151b73e1393...
https://git.kernel.org/stable/c/0ad84d62217488e679ecc90e8...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.