CVE-2025-39697
BaseFortify
Publication date: 2025-09-05
Last updated on: 2025-11-03
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | 6.1.153-1 |
| linux | linux_kernel | 5.10.244-1 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a race condition in the Linux kernel's NFS (Network File System) implementation. Specifically, it occurs when updating an existing write request. The function nfs_lock_and_join_requests() checks if a request is still attached to the mapping, but there is a window where another function, nfs_inode_remove_request(), can remove the request before the page group is locked. This happens because the caller of nfs_inode_remove_request() may not hold the lock on the page group head, leading to a race condition. The fix involves taking the page group lock earlier and holding it during the removal of the request to prevent this race.
How can this vulnerability impact me? :
This race condition could lead to inconsistent or corrupted data when multiple write requests are processed concurrently in the NFS subsystem of the Linux kernel. It may cause data integrity issues or unexpected behavior in file operations over NFS, potentially impacting system stability or data reliability.