CVE-2025-39905: Race Condition in Linux

Severity: 7.0 HIGH (NVD)
EPSS: 0.0% (top 98.87%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Oct 1; latest update Oct 14

Description

In the Linux kernel, the following vulnerability has been resolved:

net: phylink: add lock for serializing concurrent pl->phydev writes with resolver

Currently phylink_resolve() protects itself against concurrent phylink_bringup_phy() or phylink_disconnect_phy() calls which modify pl->phydev by relying on pl->state_mutex. The problem is that in phylink_resolve(), pl->state_mutex is in a lock inversion state with pl->phydev->lock. So pl->phydev->lock needs to be acquired prior to pl->state_mut

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.0 | Impact: 5.9

Patches

🔴 Vulnerability Details (2)

GHSA
GHSA-3w4m-c8rq-62jj: In the Linux kernel, the following vulnerability has been resolved: net: phylink: add lock for serializing concurrent pl->phydev writes with resolver (2025-10-01)
OSV
CVE-2025-39905: In the Linux kernel, the following vulnerability has been resolved: net: phylink: add lock for serializing concurrent pl->phydev writes with resolver (2025-10-01)

📋 Vendor Advisories (3)

Microsoft
net: phylink: add lock for serializing concurrent pl->phydev writes with resolver (2025-10-14)
Red Hat
kernel: net: phylink: add lock for serializing concurrent pl->phydev writes with resolver (2025-10-01)
Debian
CVE-2025-39905: linux - In the Linux kernel, the following vulnerability has been resolved: net: phylin... (2025)

🕵️ Threat Intelligence (1)

Bleepingcomputer
Microsoft October 2025 Patch Tuesday fixes 6 zero-days, 172 flaws (2025-10-14)