CVE-2025-39941
BaseFortify
Publication date: 2025-10-04
Last updated on: 2025-10-06
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a race condition in the Linux kernel's zram module where parallel concurrent writes to the same zram index cause leaked zsmalloc handles. The issue occurs because zs_free() is called too early during concurrent operations, leading to one of the handles being leaked. The fix involves resetting the zram entry right before setting its new handle, all within the same slot lock scope to prevent the race condition.
How can this vulnerability impact me? :
The vulnerability can lead to leaked memory handles (zsmalloc handles) due to race conditions during concurrent writes in the zram module. This can cause resource leaks, potentially degrading system performance or stability over time if the leaked handles accumulate.