[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2025-39843":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T14:53:31.930Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":39,"aliases":40,"duplicate_of":9,"upstream":41,"downstream":42,"duplicates":81,"related":82,"reserved_at":9,"published_at":83,"modified_at":84,"state":85,"summary":86,"references_raw":95,"kevs":128,"epss":129,"epss_history":132,"metrics":401,"affected":407},"CVE-2025-39843","In the Linux kernel, the following vulnerability has been resolved:\n\nmm: slub: avoid wake up kswapd in set_track_prepare\n\nset_track_prepare() can incur lock recursion.\nThe issue is that it is called from hrtimer_start_range_ns\nholding the per_cpu(hrtimer_bases)[n].lock, but when enabled\nCONFIG_DEBUG_OBJECTS_TIMERS, may wake up kswapd in set_track_prepare,\nand try to hold the per_cpu(hrtimer_bases)[n].lock.\n\nAvoid deadlock caused by implicitly waking up kswapd by passing in\nallocation flags, which do not contain __GFP_KSWAPD_RECLAIM in the\ndebug_objects_fill_pool() case. Inside stack depot they are processed by\ngfp_nested_mask().\nSince ___slab_alloc() has preemption disabled, we mask out\n__GFP_DIRECT_RECLAIM from the flags there.\n\nThe oops looks something like:\n\nBUG: spinlock recursion on CPU#3, swapper/3/0\n lock: 0xffffff8a4bf29c80, .magic: dead4ead, .owner: swapper/3/0, .owner_cpu: 3\nHardware name: Qualcomm Technologies, Inc. Popsicle based on SM8850 (DT)\nCall trace:\nspin_bug+0x0\n_raw_spin_lock_irqsave+0x80\nhrtimer_try_to_cancel+0x94\ntask_contending+0x10c\nenqueue_dl_entity+0x2a4\ndl_server_start+0x74\nenqueue_task_fair+0x568\nenqueue_task+0xac\ndo_activate_task+0x14c\nttwu_do_activate+0xcc\ntry_to_wake_up+0x6c8\ndefault_wake_function+0x20\nautoremove_wake_function+0x1c\n__wake_up+0xac\nwakeup_kswapd+0x19c\nwake_all_kswapds+0x78\n__alloc_pages_slowpath+0x1ac\n__alloc_pages_noprof+0x298\nstack_depot_save_flags+0x6b0\nstack_depot_save+0x14\nset_track_prepare+0x5c\n___slab_alloc+0xccc\n__kmalloc_cache_noprof+0x470\n__set_page_owner+0x2bc\npost_alloc_hook[jt]+0x1b8\nprep_new_page+0x28\nget_page_from_freelist+0x1edc\n__alloc_pages_noprof+0x13c\nalloc_slab_page+0x244\nallocate_slab+0x7c\n___slab_alloc+0x8e8\nkmem_cache_alloc_noprof+0x450\ndebug_objects_fill_pool+0x22c\ndebug_object_activate+0x40\nenqueue_hrtimer[jt]+0xdc\nhrtimer_start_range_ns+0x5f8\n...",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-667","Improper Locking","The product does not properly acquire or release a lock on a resource, leading to unexpected resource state changes and behaviors.","weakness","Draft","Class",[19,31,35],{"id":20,"name":21,"techniques":22},"CAPEC-25","Forced Deadlock",[23],{"id":24,"name":25,"tactics":26,"countermeasures":30},"T1499.004","Application or System Exploitation",[27],{"id":28,"name":29},"TA0105","Impact",[],{"id":32,"name":33,"techniques":34},"CAPEC-26","Leveraging Race Conditions",[],{"id":36,"name":37,"techniques":38},"CAPEC-27","Leveraging Race Conditions via Symbolic Links",[],[],[],[],[43,45,47,49,51,53,55,57,59,61,63,65,67,69,71,73,75,77,79],{"_key":44},"DLA-4328-1",{"_key":46},"DSA-6008-1",{"_key":48},"DSA-6009-1",{"_key":50},"RHSA-2025:21926",{"_key":52},"RHSA-2025:23789",{"_key":54},"DEBIAN-CVE-2025-39843",{"_key":56},"USN-8095-1",{"_key":58},"USN-8095-2",{"_key":60},"USN-8095-3",{"_key":62},"USN-8095-4",{"_key":64},"USN-8095-5",{"_key":66},"USN-8100-1",{"_key":68},"USN-8125-1",{"_key":70},"USN-8165-1",{"_key":72},"RHSA-2026:0453",{"_key":74},"USN-8126-1",{"_key":76},"RHSA-2026:0271",{"_key":78},"UBUNTU-CVE-2025-39843",{"_key":80},"USN-8261-1",[],[],"2025-09-19T15:26:17.758Z","2026-05-12T12:07:31.214Z","Modified",{"cisa_kev":87,"cisa_ransomware":87,"cisa_vendor":9,"epss_severity":88,"epss_score":89,"severity":90,"severity_score":91,"severity_version":92,"severity_source":93,"severity_vector":94,"severity_status":85},false,"low",0.00015,"medium",5.5,"v3.1","nvd","CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",[96,102,106,110,114,118,124],{"url":97,"sources":98,"tags":100},"https://git.kernel.org/stable/c/994b03b9605d36d814c611385fbf90ca6db20aa8",[99,93],"cve.org",[101],"Patch",{"url":103,"sources":104,"tags":105},"https://git.kernel.org/stable/c/522ffe298627cfe72539d72167c2e20e72b5e856",[99,93],[101],{"url":107,"sources":108,"tags":109},"https://git.kernel.org/stable/c/243b705a90ed8449f561a271cf251fd2e939f3db",[99,93],[101],{"url":111,"sources":112,"tags":113},"https://git.kernel.org/stable/c/eb3240ffd243bfb8b1e9dc568d484ecf9fd660ab",[99,93],[101],{"url":115,"sources":116,"tags":117},"https://git.kernel.org/stable/c/850470a8413a8a78e772c4f6bd9fe81ec6bd5b0f",[99,93],[101],{"url":119,"sources":120,"tags":121},"https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html",[99,93],[122,123],"Third Party Advisory","Mailing List",{"url":125,"sources":126,"tags":127},"https://cert-portal.siemens.com/productcert/html/ssa-032379.html",[99,93],[],[],{"date":130,"score":89,"percentile":131},"2026-06-04",0.03145,[133,137,140,143,146,149,152,155,158,161,164,167,170,173,176,179,182,185,188,191,193,196,199,203,206,209,212,215,218,221,224,227,230,233,236,239,242,245,248,251,254,257,260,263,266,269,272,275,278,281,284,287,290,293,296,299,302,305,307,310,313,316,319,322,325,327,330,332,335,338,341,344,347,349,352,355,358,362,365,369,372,375,378,381,384,387,390,393,395,398],{"date":134,"score":135,"percentile":136},"2025-11-04",0.00035,0.09398,{"date":138,"score":135,"percentile":139},"2025-11-05",0.09417,{"date":141,"score":135,"percentile":142},"2025-11-06",0.09538,{"date":144,"score":135,"percentile":145},"2025-11-07",0.0956,{"date":147,"score":135,"percentile":148},"2025-11-08",0.09573,{"date":150,"score":135,"percentile":151},"2025-11-09",0.09543,{"date":153,"score":135,"percentile":154},"2025-11-10",0.09501,{"date":156,"score":135,"percentile":157},"2025-11-11",0.09518,{"date":159,"score":135,"percentile":160},"2025-11-12",0.09548,{"date":162,"score":135,"percentile":163},"2025-11-13",0.0959,{"date":165,"score":135,"percentile":166},"2025-11-14",0.09613,{"date":168,"score":135,"percentile":169},"2025-11-15",0.09627,{"date":171,"score":135,"percentile":172},"2025-11-16",0.09632,{"date":174,"score":135,"percentile":175},"2025-11-17",0.09624,{"date":177,"score":135,"percentile":178},"2025-11-18",0.05816,{"date":180,"score":135,"percentile":181},"2025-11-19",0.05834,{"date":183,"score":135,"percentile":184},"2025-11-20",0.0587,{"date":186,"score":135,"percentile":187},"2025-11-21",0.0968,{"date":189,"score":135,"percentile":190},"2025-11-22",0.09656,{"date":192,"score":135,"percentile":169},"2025-11-23",{"date":194,"score":135,"percentile":195},"2025-11-24",0.09606,{"date":197,"score":135,"percentile":198},"2025-11-25",0.09595,{"date":200,"score":201,"percentile":202},"2025-11-26",0.00036,0.10298,{"date":204,"score":201,"percentile":205},"2025-11-27",0.10301,{"date":207,"score":201,"percentile":208},"2025-11-28",0.10292,{"date":210,"score":201,"percentile":211},"2025-11-29",0.10288,{"date":213,"score":201,"percentile":214},"2025-11-30",0.10299,{"date":216,"score":201,"percentile":217},"2025-12-01",0.10338,{"date":219,"score":201,"percentile":220},"2025-12-02",0.10346,{"date":222,"score":201,"percentile":223},"2025-12-03",0.1036,{"date":225,"score":201,"percentile":226},"2025-12-04",0.10347,{"date":228,"score":201,"percentile":229},"2025-12-05",0.10376,{"date":231,"score":201,"percentile":232},"2025-12-06",0.10388,{"date":234,"score":201,"percentile":235},"2025-12-07",0.10384,{"date":237,"score":201,"percentile":238},"2025-12-08",0.10383,{"date":240,"score":201,"percentile":241},"2025-12-09",0.10432,{"date":243,"score":201,"percentile":244},"2025-12-10",0.10503,{"date":246,"score":201,"percentile":247},"2025-12-11",0.10533,{"date":249,"score":201,"percentile":250},"2025-12-12",0.10555,{"date":252,"score":201,"percentile":253},"2025-12-13",0.10553,{"date":255,"score":201,"percentile":256},"2025-12-14",0.10548,{"date":258,"score":201,"percentile":259},"2025-12-15",0.10484,{"date":261,"score":201,"percentile":262},"2025-12-16",0.10469,{"date":264,"score":201,"percentile":265},"2025-12-17",0.10546,{"date":267,"score":201,"percentile":268},"2025-12-18",0.10597,{"date":270,"score":201,"percentile":271},"2025-12-19",0.10612,{"date":273,"score":201,"percentile":274},"2025-12-20",0.10607,{"date":276,"score":201,"percentile":277},"2025-12-21",0.10591,{"date":279,"score":201,"percentile":280},"2025-12-22",0.10564,{"date":282,"score":201,"percentile":283},"2025-12-23",0.1055,{"date":285,"score":201,"percentile":286},"2025-12-24",0.10557,{"date":288,"score":201,"percentile":289},"2025-12-25",0.10639,{"date":291,"score":201,"percentile":292},"2025-12-26",0.10632,{"date":294,"score":201,"percentile":295},"2025-12-27",0.10634,{"date":297,"score":201,"percentile":298},"2025-12-28",0.10636,{"date":300,"score":201,"percentile":301},"2025-12-29",0.10601,{"date":303,"score":201,"percentile":304},"2025-12-30",0.10581,{"date":306,"score":201,"percentile":292},"2025-12-31",{"date":308,"score":201,"percentile":309},"2026-01-01",0.10675,{"date":311,"score":201,"percentile":312},"2026-01-02",0.10672,{"date":314,"score":201,"percentile":315},"2026-01-03",0.10643,{"date":317,"score":201,"percentile":318},"2026-01-04",0.10573,{"date":320,"score":201,"percentile":321},"2026-01-05",0.10527,{"date":323,"score":201,"percentile":324},"2026-01-06",0.1052,{"date":326,"score":201,"percentile":283},"2026-01-07",{"date":328,"score":201,"percentile":329},"2026-01-08",0.10603,{"date":331,"score":201,"percentile":292},"2026-01-09",{"date":333,"score":201,"percentile":334},"2026-01-10",0.1065,{"date":336,"score":201,"percentile":337},"2026-01-11",0.10628,{"date":339,"score":201,"percentile":340},"2026-01-12",0.10604,{"date":342,"score":201,"percentile":343},"2026-01-13",0.1057,{"date":345,"score":201,"percentile":346},"2026-01-14",0.10621,{"date":348,"score":201,"percentile":295},"2026-01-15",{"date":350,"score":201,"percentile":351},"2026-01-16",0.10671,{"date":353,"score":201,"percentile":354},"2026-01-17",0.10681,{"date":356,"score":201,"percentile":357},"2026-01-18",0.10642,{"date":359,"score":360,"percentile":361},"2026-01-19",0.00047,0.14639,{"date":363,"score":360,"percentile":364},"2026-01-20",0.14621,{"date":366,"score":367,"percentile":368},"2026-01-21",0.00018,0.03464,{"date":370,"score":367,"percentile":371},"2026-01-22",0.03469,{"date":373,"score":367,"percentile":374},"2026-01-23",0.03517,{"date":376,"score":367,"percentile":377},"2026-01-24",0.03546,{"date":379,"score":367,"percentile":380},"2026-01-25",0.03528,{"date":382,"score":367,"percentile":383},"2026-01-26",0.03512,{"date":385,"score":367,"percentile":386},"2026-01-27",0.03497,{"date":388,"score":367,"percentile":389},"2026-01-28",0.03483,{"date":391,"score":367,"percentile":392},"2026-01-29",0.03504,{"date":394,"score":367,"percentile":392},"2026-01-30",{"date":396,"score":367,"percentile":397},"2026-01-31",0.03485,{"date":399,"score":367,"percentile":400},"2026-02-01",0.03575,[402],{"source":93,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":403,"cvss_v4_0":9},{"baseScore":91,"baseSeverity":404,"vectorString":94,"impactScore":405,"exploitabilityScore":406},"MEDIUM",6,4.6,[408,417,443],{"ecosystem":9,"name":409,"vendor":410,"product":411,"cpe_part":412,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":413},"debian linux","debian","debian_linux","o",[414],{"version":415,"is_range":87,"range_type":416,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"11.0","cpe",{"ecosystem":9,"name":418,"vendor":419,"product":419,"cpe_part":420,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":421},"Linux","linux","a",[422,429,432,435,438,441],{"version":423,"is_range":424,"range_type":99,"version_start":425,"version_start_type":426,"version_end":427,"version_end_type":428,"fixed_in":9},">= 5cf909c553e9efed573811de4b3f5172898d5515, \u003C 994b03b9605d36d814c611385fbf90ca6db20aa8",true,"5cf909c553e9efed573811de4b3f5172898d5515","including","994b03b9605d36d814c611385fbf90ca6db20aa8","excluding",{"version":430,"is_range":424,"range_type":99,"version_start":425,"version_start_type":426,"version_end":431,"version_end_type":428,"fixed_in":9},">= 5cf909c553e9efed573811de4b3f5172898d5515, \u003C 522ffe298627cfe72539d72167c2e20e72b5e856","522ffe298627cfe72539d72167c2e20e72b5e856",{"version":433,"is_range":424,"range_type":99,"version_start":425,"version_start_type":426,"version_end":434,"version_end_type":428,"fixed_in":9},">= 5cf909c553e9efed573811de4b3f5172898d5515, \u003C 243b705a90ed8449f561a271cf251fd2e939f3db","243b705a90ed8449f561a271cf251fd2e939f3db",{"version":436,"is_range":424,"range_type":99,"version_start":425,"version_start_type":426,"version_end":437,"version_end_type":428,"fixed_in":9},">= 5cf909c553e9efed573811de4b3f5172898d5515, \u003C eb3240ffd243bfb8b1e9dc568d484ecf9fd660ab","eb3240ffd243bfb8b1e9dc568d484ecf9fd660ab",{"version":439,"is_range":424,"range_type":99,"version_start":425,"version_start_type":426,"version_end":440,"version_end_type":428,"fixed_in":9},">= 5cf909c553e9efed573811de4b3f5172898d5515, \u003C 850470a8413a8a78e772c4f6bd9fe81ec6bd5b0f","850470a8413a8a78e772c4f6bd9fe81ec6bd5b0f",{"version":442,"is_range":87,"range_type":99,"version_start":442,"version_start_type":426,"version_end":442,"version_end_type":426,"fixed_in":9},"5.19",{"ecosystem":9,"name":444,"vendor":419,"product":445,"cpe_part":412,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":446},"linux kernel","linux_kernel",[447,450,454,458,462,464,466,468],{"version":448,"is_range":424,"range_type":416,"version_start":442,"version_start_type":426,"version_end":449,"version_end_type":428,"fixed_in":9},"gte5.19_lt6.1.151","6.1.151",{"version":451,"is_range":424,"range_type":416,"version_start":452,"version_start_type":426,"version_end":453,"version_end_type":428,"fixed_in":9},"gte6.2_lt6.6.105","6.2","6.6.105",{"version":455,"is_range":424,"range_type":416,"version_start":456,"version_start_type":426,"version_end":457,"version_end_type":428,"fixed_in":9},"gte6.7_lt6.12.46","6.7","6.12.46",{"version":459,"is_range":424,"range_type":416,"version_start":460,"version_start_type":426,"version_end":461,"version_end_type":428,"fixed_in":9},"gte6.13_lt6.16.6","6.13","6.16.6",{"version":463,"is_range":87,"range_type":416,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.17:rc1",{"version":465,"is_range":87,"range_type":416,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.17:rc2",{"version":467,"is_range":87,"range_type":416,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.17:rc3",{"version":469,"is_range":87,"range_type":416,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.17:rc4"]