Slab Out-of-Bounds Vulnerability in Linux Kernel's OS Noise Tracing Feature
CVE-2025-39974

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 15 October 2025

What is CVE-2025-39974?

A vulnerability exists in the Linux Kernel's OS noise tracing functionality, specifically related to the handling of the cpulist parameter during write operations. When improperly formatted input is provided, such as a cpulist that lacks a proper null terminator, it can lead to a slab out-of-bounds access. This flaw can be exploited, resulting in potential memory corruption and instability in the system. The issue was addressed by ensuring that the cpulist parameter is terminated correctly, thus safeguarding against such access violations.

Affected Version(s)

Linux 17f89102fe23d7389085a8820550df688f79888a < 930cb05a9e107777316b3ccf37f9556366669065

Linux 17f89102fe23d7389085a8820550df688f79888a

Linux 6.16

References

https://git.kernel.org/stable/c/930cb05a9e107777316b3ccf3...

https://git.kernel.org/stable/c/a2501032de0d1bc7971b2e43c...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 15, 2025
Vulnerability Reserved
Apr 16, 2025

JSON