CVE-2025-39713

EPSS 0.01%
Veröffentlicht 05.09.2025 17:21:20
Zuletzt bearbeitet 07.01.2026 20:39:57
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

media: rainshadow-cec: fix TOCTOU race condition in rain_interrupt()

In the interrupt handler rain_interrupt(), the buffer full check on
rain->buf_len is performed before acquiring rain->buf_lock. This
creates a Time-of-Check to Time-of-Use (TOCTOU) race condition, as
rain->buf_len is concurrently accessed and modified in the work
handler rain_irq_work_handler() under the same lock.

Multiple interrupt invocations can race, with each reading buf_len
before it becomes full and then proceeding. This can lead to both
interrupts attempting to write to the buffer, incrementing buf_len
beyond its capacity (DATA_SIZE) and causing a buffer overflow.

Fix this bug by moving the spin_lock() to before the buffer full
check. This ensures that the check and the subsequent buffer modification
are performed atomically, preventing the race condition. An corresponding
spin_unlock() is added to the overflow path to correctly release the
lock.

This possible bug was found by an experimental static analysis tool
developed by our team.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 13

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 4.12 < 5.4.297

Linux ≫ Linux Kernel Version >= 5.5 < 5.10.241

Linux ≫ Linux Kernel Version >= 5.11 < 5.15.190

Linux ≫ Linux Kernel Version >= 5.16 < 6.1.149

Linux ≫ Linux Kernel Version >= 6.2 < 6.6.103

Linux ≫ Linux Kernel Version >= 6.7 < 6.12.44

Linux ≫ Linux Kernel Version >= 6.13 < 6.16.4

Debian ≫ Debian Linux Version11.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.01%	0.006

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.7	1	3.6	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition

The product checks the state of a resource before using that resource, but the resource's state can change between the check and the use in a way that invalidates the results of the check. This can cause the product to perform invalid actions when the resource is in an unexpected state.

https://git.kernel.org/stable/c/2964dbe631fd21ad7873b1752b895548d3c12496

Patch

https://git.kernel.org/stable/c/6aaef1a75985865d8c6c5b65fb54152060faba48

Patch

https://git.kernel.org/stable/c/fbc81e78d75bf28972bc22b1599559557b1a1b83

Patch

https://git.kernel.org/stable/c/3c3e33b7edca7a2d6a96801f287f9faeb684d655

Patch

https://git.kernel.org/stable/c/1c2769dc80255824542ea5a4ff1a07dcdeb1603f

Patch

https://git.kernel.org/stable/c/ed905fe7cba03cf22ae0b84cf1b73cd1c070423a

Patch