CVE-2025-39745Time-of-check Time-of-use (TOCTOU) Race Condition in Linux

CWE-367Time-of-check Time-of-use (TOCTOU) Race Condition6 documents6 sources
Severity
5.5MEDIUMNVD
EPSS
0.0%
top 98.47%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
5
LinuxLinux KernelDebian Linux+2 more
Timeline
PublishedSep 11

Description

In the Linux kernel, the following vulnerability has been resolved: rcutorture: Fix rcutorture_one_extend_check() splat in RT kernels For built with CONFIG_PREEMPT_RT=y kernels, running rcutorture tests resulted in the following splat: [ 68.797425] rcutorture_one_extend_check during change: Current 0x1 To add 0x1 To remove 0x0 preempt_count() 0x0 [ 68.797533] WARNING: CPU: 2 PID: 512 at kernel/rcu/rcutorture.c:1993 rcutorture_one_extend_check+0x419/0x560 [rcutorture] [ 68.797601] Call Trace:

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages6 packages

NVDlinux/linux_kernel6.166.16.2+1
Debianlinux/linux_kernel< 6.16.3-1
CVEListV5linux/linuxec9d6356bfda69abe5f4767dd56c964127913233a85550267247cdf5e7499be00ea8e388ab014e50+3

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

2
GHSA
GHSA-59f6-f4pc-ww92: In the Linux kernel, the following vulnerability has been resolved: rcutorture: Fix rcutorture_one_extend_check() splat in RT kernels For built with2025-09-11
OSV
CVE-2025-39745: In the Linux kernel, the following vulnerability has been resolved: rcutorture: Fix rcutorture_one_extend_check() splat in RT kernels For built with C2025-09-11

📋Vendor Advisories

3
Red Hat
kernel: Linux kernel: Denial of Service in rcutorture due to incorrect preempt_count handling2025-09-11
Microsoft
rcutorture: Fix rcutorture_one_extend_check() splat in RT kernels2025-09-09
Debian
CVE-2025-39745: linux - In the Linux kernel, the following vulnerability has been resolved: rcutorture:...2025
CVE-2025-39745 — Linux vulnerability | cvebase