Race Condition Vulnerability in Linux Kernel Affecting Process Privilege Management
CVE-2025-40341

Key Information:

Vendor: Linux
Status: Vendor
CVE Published: 9 December 2025

What is CVE-2025-40341?

A race condition in the Linux kernel's handling of the robust_list pointer may lead to unauthorized access to sensitive information during privilege transitions. Specifically, when a task executes a setuid binary, an unprivileged caller may be able to read that task's robust_list pointer before the task's transition to a privileged state is taken into account. The issue arises because the permission check via ptrace_may_access() is performed just before the task executes the privileged binary, so the check can pass while the subsequent read of the pointer observes the already privileged task, disclosing a sensitive memory address. This vulnerability bypasses the intended access restrictions and increases the risk of information disclosure across privilege boundaries. Taking the read side of signal->exec_update_lock around the check and the read serializes it against exec, mitigating the vulnerability.
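To make the check-then-use window described above concrete, the following is an added single-threaded C model, not kernel code and not part of the CVE record: a permission check, an exec that changes credentials in the gap between check and read, and the fix of holding the read side of exec_update_lock across both. All struct and function names are constructed for the model.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed model of a task: its credentials, the robust_list pointer the
   syscall returns, and the read side of signal->exec_update_lock. */
typedef struct {
    int privileged;          /* 0 before the setuid exec, 1 after it */
    uintptr_t robust_list;   /* address an unprivileged caller must not learn */
    int readers;             /* model of exec_update_lock: number of readers */
} task_model;

/* Model of ptrace_may_access(): an unprivileged caller may only inspect a
   target that is still unprivileged. */
static int may_access(const task_model *t) { return !t->privileged; }

/* Model of a setuid exec updating credentials. Exec takes the write side of
   exec_update_lock, so while a reader holds it the exec has to wait (0). */
static int exec_setuid(task_model *t) {
    if (t->readers > 0) return 0;   /* serialized behind the reader */
    t->privileged = 1;
    return 1;
}

/* Model of get_robust_list(). 'window' stands for whatever runs between the
   permission check and the read; 'fixed' selects the locked variant. */
static int get_robust_list_model(task_model *t, int fixed,
                                 int (*window)(task_model *), uintptr_t *out) {
    int ret = -EPERM;
    if (fixed) t->readers++;        /* read lock held across check and read */
    if (may_access(t)) {
        if (window) window(t);      /* the check-to-use window */
        *out = t->robust_list;      /* racy variant: task may be privileged now */
        ret = 0;
    }
    if (fixed) t->readers--;
    return ret;
}

/* Runs one scenario and reports whether robust_list was handed to the caller
   after the task had already become privileged (1 = disclosure). */
int run_scenario(int fixed) {
    task_model t = { 0, (uintptr_t)0x7f00dead0000u, 0 };   /* constructed */
    uintptr_t out = 0;
    int ret = get_robust_list_model(&t, fixed, exec_setuid, &out);
    int disclosed = (ret == 0 && out == t.robust_list && t.privileged);
    exec_setuid(&t);                /* fixed variant: exec proceeds afterwards */
    return disclosed;
}

int main(void) {
    printf("racy: disclosed=%d\n", run_scenario(0));   /* 1 */
    printf("fixed: disclosed=%d\n", run_scenario(1));  /* 0 */
    return 0;
}
```

In the racy variant the exec lands between the check and the read, so the pointer of a now-privileged task is returned; in the fixed variant the exec is deferred until the reader has finished.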

Affected Version(s)

Each range is given as git commits: affected from the first commit, fixed before the second.

  • Linux from 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2, fixed in 6511984d1aa1360181bcafb1ca75df7f291ef237
  • Linux from 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2, fixed in 4aced32596ead1820b7dbd8e40d30b30dc1f3ad4
  • Linux from 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2, fixed in 3b4222494489f6d4b8705a496dab03384b7ca998
