CVE-2025-39698

EPSS 0.02%
Veröffentlicht 05.09.2025 17:21:04
Zuletzt bearbeitet 25.11.2025 21:31:12
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

io_uring/futex: ensure io_futex_wait() cleans up properly on failure

The io_futex_data is allocated upfront and assigned to the io_kiocb
async_data field, but the request isn't marked with REQ_F_ASYNC_DATA
at that point. Those two should always go together, as the flag tells
io_uring whether the field is valid or not.

Additionally, on failure cleanup, the futex handler frees the data but
does not clear ->async_data. Clear the data and the flag in the error
path as well.

Thanks to Trend Micro Zero Day Initiative and particularly ReDress for
reporting this.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 2 Referenzen 7

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 6.7 < 6.12.44

Linux ≫ Linux Kernel Version >= 6.13 < 6.16.4

Linux ≫ Linux Kernel Version6.17 Updaterc1

Linux ≫ Linux Kernel Version6.17 Updaterc2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.02%	0.051

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0	8.8	2	6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

CWE-416 Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

CWE-672 Operation on a Resource after Expiration or Release

The product uses, accesses, or otherwise operates on a resource after that resource has been expired, released, or revoked.

https://git.kernel.org/stable/c/d9f93172820a53ab42c4b0e5e65291f4f9d00ad2

Patch

https://git.kernel.org/stable/c/d34c04152df517c59979b4bf2a47f491e06d3256

Patch

https://git.kernel.org/stable/c/508c1314b342b78591f51c4b5dadee31a88335df

Patch

https://www.zerodayinitiative.com/advisories/ZDI-25-915/

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2025-39698

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-39698

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-39698

EUVD