CVE-2025-39736

In the Linux kernel, the following vulnerability has been resolved:

mm/kmemleak: avoid deadlock by moving pr_warn() outside kmemleak_lock

When netpoll is enabled, calling pr_warn_once() while holding
kmemleak_lock in mem_pool_alloc() can cause a deadlock due to lock
inversion with the netconsole subsystem.  This occurs because
pr_warn_once() may trigger netpoll, which eventually leads to
__alloc_skb() and back into kmemleak code, attempting to reacquire
kmemleak_lock.

This is the path for the deadlock.

mem_pool_alloc()
  -> raw_spin_lock_irqsave(&kmemleak_lock, flags);
    -> pr_warn_once()
      -> netconsole subsystem
        -> netpoll
          -> __alloc_skb
            -> __create_object
              -> raw_spin_lock_irqsave(&kmemleak_lock, flags);

Fix this by setting a flag and issuing the pr_warn_once() after
kmemleak_lock is released.
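
The inversion and the fix described above, as an added userspace model in C (not code from the kernel or from the patch). The lock, pool and helper names are constructed stand-ins, and the lock counts a second acquisition attempt instead of spinning so the difference can be observed.

```c
#include <stdbool.h>
#include <stdio.h>

/* Constructed userspace model: the lock counts a second acquisition
 * instead of spinning forever, so the inversion can be observed. */
static bool lock_held, warned;   /* kmemleak_lock stand-in; "once" state */
static int reentries, pool_free; /* re-acquire attempts; free pool slots */

static bool take_lock(void)
{
    if (lock_held) { reentries++; return false; } /* kernel would spin here */
    lock_held = true;
    return true;
}
static void unlock(void) { lock_held = false; }
/* Models __create_object(): tracking an allocation takes the lock. */
static void create_object(void) { if (take_lock()) unlock(); }

/* Models pr_warn_once() over netconsole: the send allocates (__alloc_skb). */
static void warn_once(void)
{
    if (warned) return;
    warned = true;
    create_object();
}
/* Pre-fix shape: warning issued while the lock is held. */
static void pool_alloc_buggy(void)
{
    take_lock();
    if (pool_free > 0) pool_free--; else warn_once();
    unlock();
}
/* Post-fix shape: set a flag under the lock, warn after releasing it. */
static void pool_alloc_fixed(void)
{
    bool warn = false;
    take_lock();
    if (pool_free > 0) pool_free--; else warn = true;
    unlock();
    if (warn) warn_once();
}
/* One allocation from an empty pool; returns the re-entry count. */
static int run(void (*alloc)(void))
{
    lock_held = warned = false; reentries = pool_free = 0;
    alloc();
    return reentries;
}
int main(void) { printf("buggy=%d fixed=%d\n", run(pool_alloc_buggy), run(pool_alloc_fixed)); return 0; }
```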

Data is provided by the CVE Program from a CVE Numbering Authority (CNA) (unstructured).
Vendor: Linux
Product: Linux
Default status: unaffected
Vendor: Linux
Product: Linux
Default status: affected

Version     Range bound   Status
5.4         -             affected
0           < 5.4         unaffected
5.4.297     <= 5.4.*      unaffected
5.10.241    <= 5.10.*     unaffected
5.15.190    <= 5.15.*     unaffected
6.1.149     <= 6.1.*      unaffected
6.6.103     <= 6.6.*      unaffected
6.12.43     <= 6.12.*     unaffected
6.15.11     <= 6.15.*     unaffected
6.16.2      <= 6.16.*     unaffected
6.17-rc2    <= *          unaffected
No CISA KEV entry or CERT.AT warning was found for this CVE.

EPSS Metrics
Type   Source      Score   Percentile
EPSS   FIRST.org   0.04%   0.125

CVSS Metrics
Source   Base Score   Exploit Score   Impact Score   Vector String