Linux Kernel Tracing Vulnerability in Google's Compute Engine
CVE-2025-39914

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 1 October 2025

What is CVE-2025-39914?

A vulnerability was found in the Linux kernel's tracing subsystem that could lead to complications during trace point allocation. Specifically, when using syzkaller to inject a fault during the allocation process, warning messages may appear, suggesting that the system is experiencing a double registration of the same trace point. This situation arises when the chunk allocation fails under certain conditions, potentially leading to unexpected behavior. To mitigate this, enhancements were made to the failure handling logic in the trace_pid_list_set function, ensuring a more graceful management of trace points and reducing warning interference in system operations.

Affected Version(s)

Linux 8d6e90983ade25ec7925211ac31d9ccaf64b7edf < 7583a73c53f1d1ae7a39b130eb7190a11f0a902f

Linux 8d6e90983ade25ec7925211ac31d9ccaf64b7edf < 1262bda871dace8c6efae25f3b6a2d34f6f06d54

Linux 8d6e90983ade25ec7925211ac31d9ccaf64b7edf < 88525accf16947ab459f8e91c27c8c53e1d612d7

References

https://git.kernel.org/stable/c/7583a73c53f1d1ae7a39b130e...

https://git.kernel.org/stable/c/1262bda871dace8c6efae25f3...

https://git.kernel.org/stable/c/88525accf16947ab459f8e91c...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 1, 2025
Vulnerability Reserved
Apr 16, 2025

JSON