CVE-2025-39941
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-10-04

Last updated on: 2025-10-06

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: zram: fix slot write race condition Parallel concurrent writes to the same zram index result in leaked zsmalloc handles. Schematically we can have something like this: CPU0 CPU1 zram_slot_lock() zs_free(handle) zram_slot_lock() zram_slot_lock() zs_free(handle) zram_slot_lock() compress compress handle = zs_malloc() handle = zs_malloc() zram_slot_lock zram_set_handle(handle) zram_slot_lock zram_slot_lock zram_set_handle(handle) zram_slot_lock Either CPU0 or CPU1 zsmalloc handle will leak because zs_free() is done too early. In fact, we need to reset zram entry right before we set its new handle, all under the same slot lock scope.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-10-04
Last Modified
2025-10-06
Generated
2026-06-16
AI Q&A
2025-10-04
EPSS Evaluated
2026-06-15
NVD
CVE-2025-39941
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
linux linux_kernel From 5.15.160 (inc) to 5.16 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is a race condition in the Linux kernel's zram module where parallel concurrent writes to the same zram index cause leaked zsmalloc handles. The issue occurs because zs_free() is called too early during concurrent operations, leading to one of the handles being leaked. The fix involves resetting the zram entry right before setting its new handle, all within the same slot lock scope to prevent the race condition.

Impact Analysis

The vulnerability can lead to leaked memory handles (zsmalloc handles) due to race conditions during concurrent writes in the zram module. This can cause resource leaks, potentially degrading system performance or stability over time if the leaked handles accumulate.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-39941. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart