CVE-2025-71074Race Condition in Linux

CWE-362Race Condition6 documents6 sources
Severity
4.7MEDIUMNVD
EPSS
0.0%
top 99.56%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedJan 13

Description

In the Linux kernel, the following vulnerability has been resolved: functionfs: fix the open/removal races ffs_epfile_open() can race with removal, ending up with file->private_data pointing to freed object. There is a total count of opened files on functionfs (both ep0 and dynamic ones) and when it hits zero, dynamic files get removed. Unfortunately, that removal can happen while another thread is in ffs_epfile_open(), but has not incremented the count yet. In that case open will succeed, le

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.0 | Impact: 3.6

Affected Packages4 packages

NVDlinux/linux_kernel2.6.35.16.19+2
Debianlinux/linux_kernel< 6.19.6-1
CVEListV5linux/linuxddf8abd2599491cbad959c700b90ba72a5dce8d0e5bf5ee266633cb18fff6f98f0b7d59a62819eee+1
debiandebian/linux< linux 6.19.6-1 (forky)

Patches

Patch: git.kernel.org

🔴Vulnerability Details

2
GHSA
GHSA-98h8-m6w9-qr4x: In the Linux kernel, the following vulnerability has been resolved: functionfs: fix the open/removal races ffs_epfile_open() can race with removal,2026-01-13
OSV
CVE-2025-71074: In the Linux kernel, the following vulnerability has been resolved: functionfs: fix the open/removal races ffs_epfile_open() can race with removal, en2026-01-13

📋Vendor Advisories

2
Red Hat
kernel: functionfs: fix the open/removal races2026-01-13
Debian
CVE-2025-71074: linux - In the Linux kernel, the following vulnerability has been resolved: functionfs:...2025

🕵️Threat Intelligence

1
Wiz
CVE-2025-71074 Impact, Exploitability, and Mitigation Steps | Wiz