PT-2025-42252 · Linux+3 · Linux Kernel+3

Published

2025-09-20

·

Updated

2026-05-26

·

CVE-2025-39977

CVSS v2.0

6.0

Medium

VectorAV:L/AC:H/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The Linux kernel contains a flaw related to futex operations that could lead to a use-after-free condition during a requeue operation. Specifically, a race condition can occur where futex wait requeue pi() may proceed without proper synchronization, potentially accessing invalid memory. This issue arises when a task is woken up after being queued for requeue, and the futex q structure is accessed without appropriate locking. The problem can be prevented by reading futex q::task before updating the futex q::requeue state. A READ ONCE operation on futex q::task before futex requeue pi complete() is sufficient to ensure the variable is read before the state is updated.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Use After Free

Weakness Enumeration

CWE-416

Related Identifiers

AZL-68525
BDU:2026-02707
CVE-2025-39977
DLA-4379-1
DSA-6053-1
ECHO-99BE-9806-9EA8
MGASA-2025-0309
MGASA-2025-0310
OESA-2025-2633
OESA-2025-2634
OESA-2025-2635
OPENSUSE-SU-2026:20145-1
SUSE-SU-2026:0263-1
SUSE-SU-2026:0278-1
SUSE-SU-2026:0281-1
SUSE-SU-2026:0293-1
SUSE-SU-2026:0315-1
SUSE-SU-2026:0317-1
SUSE-SU-2026:0411-1
SUSE-SU-2026:0617-1
SUSE-SU-2026:1684-1
SUSE-SU-2026:1686-1
SUSE-SU-2026:1694-1
SUSE-SU-2026:1708-1
SUSE-SU-2026:1710-1
SUSE-SU-2026:1718-1
SUSE-SU-2026:1725-1
SUSE-SU-2026:1728-1
SUSE-SU-2026:1733-1
SUSE-SU-2026:1768-1
SUSE-SU-2026:1771-1
SUSE-SU-2026:1776-1
SUSE-SU-2026:1787-1
SUSE-SU-2026:1793-1
SUSE-SU-2026:1798-1
SUSE-SU-2026:1804-1
SUSE-SU-2026:20207-1
SUSE-SU-2026:20220-1
SUSE-SU-2026:20228-1
SUSE-SU-2026:20477-1
SUSE-SU-2026:20498-1
SUSE-SU-2026:20845-1
SUSE-SU-2026:20876-1
SUSE-SU-2026:21468-1
SUSE-SU-2026:21469-1
SUSE-SU-2026:21470-1
SUSE-SU-2026:21471-1
SUSE-SU-2026:21472-1
SUSE-SU-2026:21473-1
SUSE-SU-2026:21474-1
SUSE-SU-2026:21475-1
SUSE-SU-2026:21476-1
SUSE-SU-2026:21477-1
SUSE-SU-2026:21479-1
SUSE-SU-2026:21480-1
SUSE-SU-2026:21481-1
SUSE-SU-2026:21482-1
SUSE-SU-2026:21483-1
SUSE-SU-2026:21484-1
SUSE-SU-2026:21485-1
SUSE-SU-2026:21487-1
SUSE-SU-2026:21491-1
SUSE-SU-2026:21495-1
SUSE-SU-2026:21496-1
SUSE-SU-2026:21497-1
SUSE-SU-2026:21498-1
SUSE-SU-2026:21499-1
SUSE-SU-2026:21501-1
SUSE-SU-2026:21503-1
SUSE-SU-2026:21504-1
SUSE-SU-2026:21505-1
SUSE-SU-2026:21506-1
SUSE-SU-2026:21507-1
SUSE-SU-2026:21508-1
SUSE-SU-2026:21509-1
SUSE-SU-2026:21510-1
SUSE-SU-2026:21511-1
SUSE-SU-2026:21512-1
SUSE-SU-2026:21513-1
SUSE-SU-2026:21514-1
SUSE-SU-2026:21515-1
SUSE-SU-2026:21523-1
SUSE-SU-2026:21526-1
SUSE-SU-2026:21528-1
SUSE-SU-2026:21529-1
SUSE-SU-2026:21531-1
SUSE-SU-2026:21532-1
SUSE-SU-2026:21533-1
SUSE-SU-2026:21555-1
SUSE-SU-2026:21562-1
SUSE-SU-2026:21563-1
SUSE-SU-2026:21591-1
SUSE-SU-2026:21598-1
USN-8095-1
USN-8095-2
USN-8095-3
USN-8095-4
USN-8095-5
USN-8100-1
USN-8125-1
USN-8126-1
USN-8165-1
USN-8261-1

Affected Products

Debian
Linuxmint
Linux Kernel
Ubuntu