[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2025-39877":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T14:53:31.930Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":20,"aliases":21,"duplicate_of":9,"upstream":22,"downstream":23,"duplicates":62,"related":63,"reserved_at":9,"published_at":70,"modified_at":71,"state":72,"summary":73,"references_raw":82,"kevs":111,"epss":112,"epss_history":115,"metrics":385,"affected":391},"CVE-2025-39877","In the Linux kernel, the following vulnerability has been resolved:\n\nmm/damon/sysfs: fix use-after-free in state_show()\n\nstate_show() reads kdamond->damon_ctx without holding damon_sysfs_lock. \nThis allows a use-after-free race:\n\nCPU 0                         CPU 1\n-----                         -----\nstate_show()                  damon_sysfs_turn_damon_on()\nctx = kdamond->damon_ctx;     mutex_lock(&damon_sysfs_lock);\n                              damon_destroy_ctx(kdamond->damon_ctx);\n                              kdamond->damon_ctx = NULL;\n                              mutex_unlock(&damon_sysfs_lock);\ndamon_is_running(ctx);        /* ctx is freed */\nmutex_lock(&ctx->kdamond_lock); /* UAF */\n\n(The race can also occur with damon_sysfs_kdamonds_rm_dirs() and\ndamon_sysfs_kdamond_release(), which free or replace the context under\ndamon_sysfs_lock.)\n\nFix by taking damon_sysfs_lock before dereferencing the context, mirroring\nthe locking used in pid_show().\n\nThe bug has existed since state_show() first accessed kdamond->damon_ctx.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-416","Use After Free","The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory \"belongs\" to the code that operates on the new pointer.","weakness","Stable","Variant","High",[],[],[],[],[24,26,28,30,32,34,36,38,40,42,44,46,48,50,52,54,56,58,60],{"_key":25},"DLA-4328-1",{"_key":27},"SUSE-SU-2025:21074-1",{"_key":29},"SUSE-SU-2025:21139-1",{"_key":31},"SUSE-SU-2025:21179-1",{"_key":33},"OPENSUSE-SU-2025:20081-1",{"_key":35},"MGASA-2025-0309",{"_key":37},"MGASA-2025-0310",{"_key":39},"DEBIAN-CVE-2025-39877",{"_key":41},"USN-8095-1",{"_key":43},"USN-8095-2",{"_key":45},"USN-8095-3",{"_key":47},"USN-8095-4",{"_key":49},"USN-8095-5",{"_key":51},"USN-8100-1",{"_key":53},"USN-8125-1",{"_key":55},"USN-8165-1",{"_key":57},"USN-8126-1",{"_key":59},"UBUNTU-CVE-2025-39877",{"_key":61},"USN-8261-1",[],[64,65,66,67,68,69],{"_key":27},{"_key":29},{"_key":31},{"_key":33},{"_key":35},{"_key":37},"2025-09-23T06:00:48.317Z","2026-05-11T21:38:09.382Z","Analyzed",{"cisa_kev":74,"cisa_ransomware":74,"cisa_vendor":9,"epss_severity":75,"epss_score":76,"severity":77,"severity_score":78,"severity_version":79,"severity_source":80,"severity_vector":81,"severity_status":72},false,"low",0.00019,"high",7.8,"v3.1","nvd","CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",[83,89,93,97,101,105],{"url":84,"sources":85,"tags":87},"https://git.kernel.org/stable/c/3858c44341ad49dc7544b19cc9f9ecffaa7cc50e",[86,80],"cve.org",[88],"Patch",{"url":90,"sources":91,"tags":92},"https://git.kernel.org/stable/c/60d7a3d2b985a395318faa1d88da6915fad11c19",[86,80],[88],{"url":94,"sources":95,"tags":96},"https://git.kernel.org/stable/c/26d29b2ac87a2989071755f9828ebf839b560d4c",[86,80],[88],{"url":98,"sources":99,"tags":100},"https://git.kernel.org/stable/c/4e87f461d61959647464a94d11ae15c011be58ce",[86,80],[88],{"url":102,"sources":103,"tags":104},"https://git.kernel.org/stable/c/3260a3f0828e06f5f13fac69fb1999a6d60d9cff",[86,80],[88],{"url":106,"sources":107,"tags":108},"https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html",[86,80],[109,110],"Third Party Advisory","Mailing List",[],{"date":113,"score":76,"percentile":114},"2026-06-04",0.05524,[116,120,123,126,129,132,135,138,141,144,147,150,153,156,159,162,165,168,171,174,176,179,182,185,188,191,194,198,201,204,207,210,213,216,219,222,225,228,231,234,237,240,243,246,249,252,255,258,261,264,267,270,273,276,279,282,285,288,290,293,296,299,302,305,308,310,313,315,318,321,324,327,330,332,335,338,341,344,347,351,354,358,361,364,367,370,373,376,379,382],{"date":117,"score":118,"percentile":119},"2025-11-04",0.00035,0.09398,{"date":121,"score":118,"percentile":122},"2025-11-05",0.09417,{"date":124,"score":118,"percentile":125},"2025-11-06",0.09538,{"date":127,"score":118,"percentile":128},"2025-11-07",0.0956,{"date":130,"score":118,"percentile":131},"2025-11-08",0.09573,{"date":133,"score":118,"percentile":134},"2025-11-09",0.09543,{"date":136,"score":118,"percentile":137},"2025-11-10",0.09501,{"date":139,"score":118,"percentile":140},"2025-11-11",0.09518,{"date":142,"score":118,"percentile":143},"2025-11-12",0.09548,{"date":145,"score":118,"percentile":146},"2025-11-13",0.0959,{"date":148,"score":118,"percentile":149},"2025-11-14",0.09613,{"date":151,"score":118,"percentile":152},"2025-11-15",0.09627,{"date":154,"score":118,"percentile":155},"2025-11-16",0.09632,{"date":157,"score":118,"percentile":158},"2025-11-17",0.09624,{"date":160,"score":118,"percentile":161},"2025-11-18",0.05816,{"date":163,"score":118,"percentile":164},"2025-11-19",0.05834,{"date":166,"score":118,"percentile":167},"2025-11-20",0.0587,{"date":169,"score":118,"percentile":170},"2025-11-21",0.0968,{"date":172,"score":118,"percentile":173},"2025-11-22",0.09656,{"date":175,"score":118,"percentile":152},"2025-11-23",{"date":177,"score":118,"percentile":178},"2025-11-24",0.09606,{"date":180,"score":118,"percentile":181},"2025-11-25",0.09595,{"date":183,"score":118,"percentile":184},"2025-11-26",0.09597,{"date":186,"score":118,"percentile":187},"2025-11-27",0.09608,{"date":189,"score":118,"percentile":190},"2025-11-28",0.09592,{"date":192,"score":118,"percentile":193},"2025-11-29",0.0962,{"date":195,"score":196,"percentile":197},"2025-11-30",0.00036,0.10299,{"date":199,"score":196,"percentile":200},"2025-12-01",0.10338,{"date":202,"score":196,"percentile":203},"2025-12-02",0.10346,{"date":205,"score":196,"percentile":206},"2025-12-03",0.1036,{"date":208,"score":196,"percentile":209},"2025-12-04",0.10347,{"date":211,"score":196,"percentile":212},"2025-12-05",0.10376,{"date":214,"score":196,"percentile":215},"2025-12-06",0.10388,{"date":217,"score":196,"percentile":218},"2025-12-07",0.10384,{"date":220,"score":196,"percentile":221},"2025-12-08",0.10383,{"date":223,"score":196,"percentile":224},"2025-12-09",0.10432,{"date":226,"score":196,"percentile":227},"2025-12-10",0.10503,{"date":229,"score":196,"percentile":230},"2025-12-11",0.10533,{"date":232,"score":196,"percentile":233},"2025-12-12",0.10555,{"date":235,"score":196,"percentile":236},"2025-12-13",0.10553,{"date":238,"score":196,"percentile":239},"2025-12-14",0.10548,{"date":241,"score":196,"percentile":242},"2025-12-15",0.10484,{"date":244,"score":196,"percentile":245},"2025-12-16",0.10469,{"date":247,"score":196,"percentile":248},"2025-12-17",0.10546,{"date":250,"score":196,"percentile":251},"2025-12-18",0.10597,{"date":253,"score":196,"percentile":254},"2025-12-19",0.10612,{"date":256,"score":196,"percentile":257},"2025-12-20",0.10607,{"date":259,"score":196,"percentile":260},"2025-12-21",0.10591,{"date":262,"score":196,"percentile":263},"2025-12-22",0.10564,{"date":265,"score":196,"percentile":266},"2025-12-23",0.1055,{"date":268,"score":196,"percentile":269},"2025-12-24",0.10557,{"date":271,"score":196,"percentile":272},"2025-12-25",0.10639,{"date":274,"score":196,"percentile":275},"2025-12-26",0.10632,{"date":277,"score":196,"percentile":278},"2025-12-27",0.10634,{"date":280,"score":196,"percentile":281},"2025-12-28",0.10636,{"date":283,"score":196,"percentile":284},"2025-12-29",0.10601,{"date":286,"score":196,"percentile":287},"2025-12-30",0.10581,{"date":289,"score":196,"percentile":275},"2025-12-31",{"date":291,"score":196,"percentile":292},"2026-01-01",0.10675,{"date":294,"score":196,"percentile":295},"2026-01-02",0.10672,{"date":297,"score":196,"percentile":298},"2026-01-03",0.10643,{"date":300,"score":196,"percentile":301},"2026-01-04",0.10573,{"date":303,"score":196,"percentile":304},"2026-01-05",0.10527,{"date":306,"score":196,"percentile":307},"2026-01-06",0.1052,{"date":309,"score":196,"percentile":266},"2026-01-07",{"date":311,"score":196,"percentile":312},"2026-01-08",0.10603,{"date":314,"score":196,"percentile":275},"2026-01-09",{"date":316,"score":196,"percentile":317},"2026-01-10",0.1065,{"date":319,"score":196,"percentile":320},"2026-01-11",0.10628,{"date":322,"score":196,"percentile":323},"2026-01-12",0.10604,{"date":325,"score":196,"percentile":326},"2026-01-13",0.1057,{"date":328,"score":196,"percentile":329},"2026-01-14",0.10621,{"date":331,"score":196,"percentile":278},"2026-01-15",{"date":333,"score":196,"percentile":334},"2026-01-16",0.10671,{"date":336,"score":196,"percentile":337},"2026-01-17",0.10681,{"date":339,"score":196,"percentile":340},"2026-01-18",0.10642,{"date":342,"score":196,"percentile":343},"2026-01-19",0.10589,{"date":345,"score":196,"percentile":346},"2026-01-20",0.10565,{"date":348,"score":349,"percentile":350},"2026-01-21",0.00018,0.03582,{"date":352,"score":349,"percentile":353},"2026-01-22",0.03587,{"date":355,"score":356,"percentile":357},"2026-01-23",0.00023,0.0546,{"date":359,"score":356,"percentile":360},"2026-01-24",0.05504,{"date":362,"score":356,"percentile":363},"2026-01-25",0.0545,{"date":365,"score":356,"percentile":366},"2026-01-26",0.05426,{"date":368,"score":356,"percentile":369},"2026-01-27",0.05407,{"date":371,"score":356,"percentile":372},"2026-01-28",0.05393,{"date":374,"score":356,"percentile":375},"2026-01-29",0.05404,{"date":377,"score":356,"percentile":378},"2026-01-30",0.05401,{"date":380,"score":356,"percentile":381},"2026-01-31",0.05398,{"date":383,"score":356,"percentile":384},"2026-02-01",0.05469,[386],{"source":80,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":387,"cvss_v4_0":9},{"baseScore":78,"baseSeverity":388,"vectorString":81,"impactScore":389,"exploitabilityScore":390},"HIGH",9.8,4.6,[392,401,427],{"ecosystem":9,"name":393,"vendor":394,"product":395,"cpe_part":396,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":397},"debian linux","debian","debian_linux","o",[398],{"version":399,"is_range":74,"range_type":400,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"11.0","cpe",{"ecosystem":9,"name":402,"vendor":403,"product":403,"cpe_part":404,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":405},"Linux","linux","a",[406,413,416,419,422,425],{"version":407,"is_range":408,"range_type":86,"version_start":409,"version_start_type":410,"version_end":411,"version_end_type":412,"fixed_in":9},">= a61ea561c87139992fe32afdee48a6f6b85d824a, \u003C 3858c44341ad49dc7544b19cc9f9ecffaa7cc50e",true,"a61ea561c87139992fe32afdee48a6f6b85d824a","including","3858c44341ad49dc7544b19cc9f9ecffaa7cc50e","excluding",{"version":414,"is_range":408,"range_type":86,"version_start":409,"version_start_type":410,"version_end":415,"version_end_type":412,"fixed_in":9},">= a61ea561c87139992fe32afdee48a6f6b85d824a, \u003C 60d7a3d2b985a395318faa1d88da6915fad11c19","60d7a3d2b985a395318faa1d88da6915fad11c19",{"version":417,"is_range":408,"range_type":86,"version_start":409,"version_start_type":410,"version_end":418,"version_end_type":412,"fixed_in":9},">= a61ea561c87139992fe32afdee48a6f6b85d824a, \u003C 26d29b2ac87a2989071755f9828ebf839b560d4c","26d29b2ac87a2989071755f9828ebf839b560d4c",{"version":420,"is_range":408,"range_type":86,"version_start":409,"version_start_type":410,"version_end":421,"version_end_type":412,"fixed_in":9},">= a61ea561c87139992fe32afdee48a6f6b85d824a, \u003C 4e87f461d61959647464a94d11ae15c011be58ce","4e87f461d61959647464a94d11ae15c011be58ce",{"version":423,"is_range":408,"range_type":86,"version_start":409,"version_start_type":410,"version_end":424,"version_end_type":412,"fixed_in":9},">= a61ea561c87139992fe32afdee48a6f6b85d824a, \u003C 3260a3f0828e06f5f13fac69fb1999a6d60d9cff","3260a3f0828e06f5f13fac69fb1999a6d60d9cff",{"version":426,"is_range":74,"range_type":86,"version_start":426,"version_start_type":410,"version_end":426,"version_end_type":410,"fixed_in":9},"5.18",{"ecosystem":9,"name":428,"vendor":403,"product":429,"cpe_part":396,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":430},"linux kernel","linux_kernel",[431,434,438,442,446,448,450,452,454],{"version":432,"is_range":408,"range_type":400,"version_start":426,"version_start_type":410,"version_end":433,"version_end_type":412,"fixed_in":9},"gte5.18_lt6.1.153","6.1.153",{"version":435,"is_range":408,"range_type":400,"version_start":436,"version_start_type":410,"version_end":437,"version_end_type":412,"fixed_in":9},"gte6.2_lt6.6.107","6.2","6.6.107",{"version":439,"is_range":408,"range_type":400,"version_start":440,"version_start_type":410,"version_end":441,"version_end_type":412,"fixed_in":9},"gte6.7_lt6.12.48","6.7","6.12.48",{"version":443,"is_range":408,"range_type":400,"version_start":444,"version_start_type":410,"version_end":445,"version_end_type":412,"fixed_in":9},"gte6.13_lt6.16.8","6.13","6.16.8",{"version":447,"is_range":74,"range_type":400,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.17:rc1",{"version":449,"is_range":74,"range_type":400,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.17:rc2",{"version":451,"is_range":74,"range_type":400,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.17:rc3",{"version":453,"is_range":74,"range_type":400,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.17:rc4",{"version":455,"is_range":74,"range_type":400,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.17:rc5"]