CVE-2025-40327

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A flaw exists in the Linux kernel’s perf/core component related to cpu-clock usage. Specifically, the use of cpu-clock by the async-profiler tool can lead to a system hang. This issue stems from a recursion within the hrtimer code when attempting to stop cpu-clock events, triggered by the perf event overflow() callback within the hrtimer handler. The problematic commit identified as introducing this issue is 18dbcbfabfff ("perf: Fix the POLL HUP delivery breakage"). The fix involves using hrtimer try to cancel() and setting the PERF HES STOPPED flag to safely stop the event.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.