CVE-2025-39829
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-16

Last updated on: 2025-12-02

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: trace/fgraph: Fix the warning caused by missing unregister notifier This warning was triggered during testing on v6.16: notifier callback ftrace_suspend_notifier_call already registered WARNING: CPU: 2 PID: 86 at kernel/notifier.c:23 notifier_chain_register+0x44/0xb0 ... Call Trace: <TASK> blocking_notifier_chain_register+0x34/0x60 register_ftrace_graph+0x330/0x410 ftrace_profile_write+0x1e9/0x340 vfs_write+0xf8/0x420 ? filp_flush+0x8a/0xa0 ? filp_close+0x1f/0x30 ? do_dup2+0xaf/0x160 ksys_write+0x65/0xe0 do_syscall_64+0xa4/0x260 entry_SYSCALL_64_after_hwframe+0x77/0x7f When writing to the function_profile_enabled interface, the notifier was not unregistered after start_graph_tracing failed, causing a warning the next time function_profile_enabled was written. Fixed by adding unregister_pm_notifier in the exception path.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-16
Last Modified
2025-12-02
Generated
2026-05-07
AI Q&A
2025-09-16
EPSS Evaluated
2026-05-05
NVD
CVE-2025-39829
Affected Vendors & Products
Showing 4 associated CPEs
Vendor Product Version / Range
linux linux_kernel From 2.6.30 (inc) to 6.12.45 (exc)
linux linux_kernel From 6.13 (inc) to 6.16.5 (exc)
linux linux_kernel 6.17
linux linux_kernel 6.17
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-NVD-CWE-noinfo
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability in the Linux kernel involves a missing unregister notifier in the trace/fgraph component. Specifically, when writing to the function_profile_enabled interface, if start_graph_tracing fails, the notifier is not unregistered properly. This causes a warning to appear the next time function_profile_enabled is written, indicating that the notifier callback was already registered. The issue was fixed by adding an unregister_pm_notifier call in the exception path to ensure proper cleanup.


How can this vulnerability impact me? :

The vulnerability causes a warning in the kernel related to notifier callback registration, which may indicate improper resource handling or potential instability during tracing operations. While it does not describe a direct security exploit, such warnings can lead to unexpected behavior or system instability during function profiling or tracing activities.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability manifests as a warning in the Linux kernel logs related to the notifier callback being already registered. To detect it, you can check the kernel log messages for warnings like: 'notifier callback ftrace_suspend_notifier_call already registered'. You can use the command: dmesg | grep 'notifier callback ftrace_suspend_notifier_call already registered' to find such warnings.


What immediate steps should I take to mitigate this vulnerability?

The vulnerability was fixed by adding unregister_pm_notifier in the exception path to ensure the notifier is properly unregistered after a failure. Immediate mitigation involves updating the Linux kernel to a version that includes this fix (post v6.16). Until then, monitoring for the warning and avoiding writing to function_profile_enabled interface repeatedly without proper cleanup may help reduce the issue.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart