CVE-2025-40319
BaseFortify
Publication date: 2025-12-08
Last updated on: 2025-12-08
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | kernel | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a race condition in the Linux kernel's BPF subsystem involving the ring buffer and irq_work. Specifically, irq_work can be queued in bpf_ringbuf_commit(), but if the ring buffer is freed before the irq_work executes, the irq_work thread may access freed memory, leading to potential memory corruption or crashes. The fix involves synchronizing pending irq_work before freeing the ring buffer to prevent this unsafe access.
How can this vulnerability impact me? :
This vulnerability can lead to memory corruption or kernel crashes due to use-after-free conditions when irq_work accesses freed memory. This can cause system instability, potential denial of service, or unpredictable behavior in systems running vulnerable Linux kernel versions.
What immediate steps should I take to mitigate this vulnerability?
Apply the patch that fixes the race condition in the Linux kernel by ensuring that irq_work is synchronized before freeing the ring buffer. Specifically, update your Linux kernel to a version that includes the fix where irq_work_sync(&rb->work) is called before freeing the buffer to prevent use-after-free conditions.