PT-2025-40074 · Linux+2 · Linux Kernel+2

Syzbot

Published

2025-08-27

Updated

2025-11-25

CVE-2025-39900

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains a flaw within the net sched subsystem, specifically in the est timer() function when CONFIG PREEMPT RT is enabled. This configuration can lead to preemption of timer callbacks. The issue was identified by syzbot, which reported a WARNING related to sequence lock assertion within the est timer() function. The fix involves utilizing preempt disable nested() and preempt enable nested() to address the preemption issue. The est timer() function is located in net/core/gen estimator.c.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Assertion Failure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-617

Related Identifiers

BDU:2025-14982

CVE-2025-39900

OPENSUSE-SU-2025:20081-1

SUSE-SU-2025:21074-1

SUSE-SU-2025:21139-1

SUSE-SU-2025:21179-1

SUSE-SU-2025:4057-1

SUSE-SU-2025:4132-1

SUSE-SU-2025:4141-1

Affected Products

Astra Linux

Linux Kernel

Suse

PT-2025-40074 · Linux+2 · Linux Kernel+2

CVE-2025-39900

Weakness Enumeration

Related Identifiers

Affected Products

References · 2016