[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2025-39881":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T08:53:30.047Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":20,"aliases":21,"duplicate_of":9,"upstream":22,"downstream":23,"duplicates":90,"related":91,"reserved_at":9,"published_at":108,"modified_at":109,"state":110,"summary":111,"references_raw":120,"kevs":148,"epss":149,"epss_history":152,"metrics":422,"affected":428},"CVE-2025-39881","In the Linux kernel, the following vulnerability has been resolved:\n\nkernfs: Fix UAF in polling when open file is released\n\nA use-after-free (UAF) vulnerability was identified in the PSI (Pressure\nStall Information) monitoring mechanism:\n\nBUG: KASAN: slab-use-after-free in psi_trigger_poll+0x3c/0x140\nRead of size 8 at addr ffff3de3d50bd308 by task systemd/1\n\npsi_trigger_poll+0x3c/0x140\ncgroup_pressure_poll+0x70/0xa0\ncgroup_file_poll+0x8c/0x100\nkernfs_fop_poll+0x11c/0x1c0\nep_item_poll.isra.0+0x188/0x2c0\n\nAllocated by task 1:\ncgroup_file_open+0x88/0x388\nkernfs_fop_open+0x73c/0xaf0\ndo_dentry_open+0x5fc/0x1200\nvfs_open+0xa0/0x3f0\ndo_open+0x7e8/0xd08\npath_openat+0x2fc/0x6b0\ndo_filp_open+0x174/0x368\n\nFreed by task 8462:\ncgroup_file_release+0x130/0x1f8\nkernfs_drain_open_files+0x17c/0x440\nkernfs_drain+0x2dc/0x360\nkernfs_show+0x1b8/0x288\ncgroup_file_show+0x150/0x268\ncgroup_pressure_write+0x1dc/0x340\ncgroup_file_write+0x274/0x548\n\nReproduction Steps:\n1. Open test/cpu.pressure and establish epoll monitoring\n2. Disable monitoring: echo 0 > test/cgroup.pressure\n3. Re-enable monitoring: echo 1 > test/cgroup.pressure\n\nThe race condition occurs because:\n1. When cgroup.pressure is disabled (echo 0 > cgroup.pressure), it:\n   - Releases PSI triggers via cgroup_file_release()\n   - Frees of->priv through kernfs_drain_open_files()\n2. While epoll still holds reference to the file and continues polling\n3. Re-enabling (echo 1 > cgroup.pressure) accesses freed of->priv\n\nepolling\t\t\tdisable/enable cgroup.pressure\nfd=open(cpu.pressure)\nwhile(1)\n...\nepoll_wait\nkernfs_fop_poll\nkernfs_get_active = true\techo 0 > cgroup.pressure\n...\t\t\t\tcgroup_file_show\n\t\t\t\tkernfs_show\n\t\t\t\t// inactive kn\n\t\t\t\tkernfs_drain_open_files\n\t\t\t\tcft->release(of);\n\t\t\t\tkfree(ctx);\n\t\t\t\t...\nkernfs_get_active = false\n\t\t\t\techo 1 > cgroup.pressure\n\t\t\t\tkernfs_show\n\t\t\t\tkernfs_activate_one(kn);\nkernfs_fop_poll\nkernfs_get_active = true\ncgroup_file_poll\npsi_trigger_poll\n// UAF\n...\nend: close(fd)\n\nTo address this issue, introduce kernfs_get_active_of() for kernfs open\nfiles to obtain active references. This function will fail if the open file\nhas been released. Replace kernfs_get_active() with kernfs_get_active_of()\nto prevent further operations on released file descriptors.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-416","Use After Free","The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory \"belongs\" to the code that operates on the new pointer.","weakness","Stable","Variant","High",[],[],[],[],[24,26,28,30,32,34,36,38,40,42,44,46,48,50,52,54,56,58,60,62,64,66,68,70,72,74,76,78,80,82,84,86,88],{"_key":25},"SUSE-SU-2025:4057-1",{"_key":27},"SUSE-SU-2025:4132-1",{"_key":29},"SUSE-SU-2025:4128-1",{"_key":31},"SUSE-SU-2025:4301-1",{"_key":33},"DLA-4328-1",{"_key":35},"RHSA-2025:19469",{"_key":37},"RHSA-2025:22392",{"_key":39},"RHSA-2025:21118",{"_key":41},"SUSE-SU-2025:21040-1",{"_key":43},"SUSE-SU-2025:21052-1",{"_key":45},"SUSE-SU-2025:21056-1",{"_key":47},"SUSE-SU-2025:21064-1",{"_key":49},"SUSE-SU-2025:21080-1",{"_key":51},"SUSE-SU-2025:21147-1",{"_key":53},"SUSE-SU-2025:21180-1",{"_key":55},"SUSE-SU-2025:4141-1",{"_key":57},"SUSE-SU-2025:4140-1",{"_key":59},"OPENSUSE-SU-2025:20091-1",{"_key":61},"RHSA-2025:21469",{"_key":63},"MGASA-2025-0309",{"_key":65},"MGASA-2025-0310",{"_key":67},"DEBIAN-CVE-2025-39881",{"_key":69},"USN-8095-1",{"_key":71},"USN-8095-2",{"_key":73},"USN-8095-3",{"_key":75},"USN-8095-4",{"_key":77},"USN-8095-5",{"_key":79},"USN-8100-1",{"_key":81},"USN-8125-1",{"_key":83},"USN-8165-1",{"_key":85},"USN-8126-1",{"_key":87},"UBUNTU-CVE-2025-39881",{"_key":89},"USN-8261-1",[],[92,93,94,95,96,97,98,99,100,101,102,103,104,105,106,107],{"_key":25},{"_key":27},{"_key":29},{"_key":31},{"_key":41},{"_key":43},{"_key":45},{"_key":47},{"_key":49},{"_key":51},{"_key":53},{"_key":55},{"_key":57},{"_key":59},{"_key":63},{"_key":65},"2025-09-23T06:00:50.496Z","2026-05-11T21:38:14.001Z","Analyzed",{"cisa_kev":112,"cisa_ransomware":112,"cisa_vendor":9,"epss_severity":113,"epss_score":114,"severity":115,"severity_score":116,"severity_version":117,"severity_source":118,"severity_vector":119,"severity_status":110},false,"low",0.00019,"high",7.8,"v3.1","nvd","CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",[121,127,131,135,139,143],{"url":122,"sources":123,"tags":125},"https://git.kernel.org/stable/c/34d9cafd469c69ad85e6a36b4303c78382cf5c79",[124,118],"cve.org",[126],"Patch",{"url":128,"sources":129,"tags":130},"https://git.kernel.org/stable/c/854baafc00c433cccbe0ab4231b77aeb9b637b77",[124,118],[126],{"url":132,"sources":133,"tags":134},"https://git.kernel.org/stable/c/7e64474aba78d240f7804f48f2d454dcca78b15f",[124,118],[126],{"url":136,"sources":137,"tags":138},"https://git.kernel.org/stable/c/ac5cda4fae8818cf1963317bb699f7f2f85b60af",[124,118],[126],{"url":140,"sources":141,"tags":142},"https://git.kernel.org/stable/c/3c9ba2777d6c86025e1ba4186dc5cd930e40ec5f",[124,118],[126],{"url":144,"sources":145,"tags":146},"https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html",[124,118],[147],"Third Party Advisory",[],{"date":150,"score":114,"percentile":151},"2026-06-03",0.05526,[153,157,160,163,166,169,172,175,178,181,184,187,190,193,196,199,202,205,208,211,213,216,219,222,225,228,231,235,238,241,244,247,250,253,256,259,262,265,268,271,274,277,280,283,286,289,292,295,298,301,304,307,310,313,316,319,322,325,327,330,333,336,339,342,345,347,350,352,355,358,361,364,367,369,372,376,379,382,385,388,391,395,398,401,404,407,410,413,416,419],{"date":154,"score":155,"percentile":156},"2025-11-04",0.00035,0.09398,{"date":158,"score":155,"percentile":159},"2025-11-05",0.09417,{"date":161,"score":155,"percentile":162},"2025-11-06",0.09538,{"date":164,"score":155,"percentile":165},"2025-11-07",0.0956,{"date":167,"score":155,"percentile":168},"2025-11-08",0.09573,{"date":170,"score":155,"percentile":171},"2025-11-09",0.09543,{"date":173,"score":155,"percentile":174},"2025-11-10",0.09501,{"date":176,"score":155,"percentile":177},"2025-11-11",0.09518,{"date":179,"score":155,"percentile":180},"2025-11-12",0.09548,{"date":182,"score":155,"percentile":183},"2025-11-13",0.0959,{"date":185,"score":155,"percentile":186},"2025-11-14",0.09613,{"date":188,"score":155,"percentile":189},"2025-11-15",0.09627,{"date":191,"score":155,"percentile":192},"2025-11-16",0.09632,{"date":194,"score":155,"percentile":195},"2025-11-17",0.09624,{"date":197,"score":155,"percentile":198},"2025-11-18",0.05816,{"date":200,"score":155,"percentile":201},"2025-11-19",0.05834,{"date":203,"score":155,"percentile":204},"2025-11-20",0.0587,{"date":206,"score":155,"percentile":207},"2025-11-21",0.0968,{"date":209,"score":155,"percentile":210},"2025-11-22",0.09656,{"date":212,"score":155,"percentile":189},"2025-11-23",{"date":214,"score":155,"percentile":215},"2025-11-24",0.09606,{"date":217,"score":155,"percentile":218},"2025-11-25",0.09595,{"date":220,"score":155,"percentile":221},"2025-11-26",0.09597,{"date":223,"score":155,"percentile":224},"2025-11-27",0.09608,{"date":226,"score":155,"percentile":227},"2025-11-28",0.09592,{"date":229,"score":155,"percentile":230},"2025-11-29",0.0962,{"date":232,"score":233,"percentile":234},"2025-11-30",0.00036,0.10299,{"date":236,"score":233,"percentile":237},"2025-12-01",0.10338,{"date":239,"score":233,"percentile":240},"2025-12-02",0.10346,{"date":242,"score":233,"percentile":243},"2025-12-03",0.1036,{"date":245,"score":233,"percentile":246},"2025-12-04",0.10347,{"date":248,"score":233,"percentile":249},"2025-12-05",0.10376,{"date":251,"score":233,"percentile":252},"2025-12-06",0.10388,{"date":254,"score":233,"percentile":255},"2025-12-07",0.10384,{"date":257,"score":233,"percentile":258},"2025-12-08",0.10383,{"date":260,"score":233,"percentile":261},"2025-12-09",0.10432,{"date":263,"score":233,"percentile":264},"2025-12-10",0.10503,{"date":266,"score":233,"percentile":267},"2025-12-11",0.10533,{"date":269,"score":233,"percentile":270},"2025-12-12",0.10555,{"date":272,"score":233,"percentile":273},"2025-12-13",0.10553,{"date":275,"score":233,"percentile":276},"2025-12-14",0.10548,{"date":278,"score":233,"percentile":279},"2025-12-15",0.10484,{"date":281,"score":233,"percentile":282},"2025-12-16",0.10469,{"date":284,"score":233,"percentile":285},"2025-12-17",0.10546,{"date":287,"score":233,"percentile":288},"2025-12-18",0.10597,{"date":290,"score":233,"percentile":291},"2025-12-19",0.10612,{"date":293,"score":233,"percentile":294},"2025-12-20",0.10607,{"date":296,"score":233,"percentile":297},"2025-12-21",0.10591,{"date":299,"score":233,"percentile":300},"2025-12-22",0.10564,{"date":302,"score":233,"percentile":303},"2025-12-23",0.1055,{"date":305,"score":233,"percentile":306},"2025-12-24",0.10557,{"date":308,"score":233,"percentile":309},"2025-12-25",0.10639,{"date":311,"score":233,"percentile":312},"2025-12-26",0.10632,{"date":314,"score":233,"percentile":315},"2025-12-27",0.10634,{"date":317,"score":233,"percentile":318},"2025-12-28",0.10636,{"date":320,"score":233,"percentile":321},"2025-12-29",0.10601,{"date":323,"score":233,"percentile":324},"2025-12-30",0.10581,{"date":326,"score":233,"percentile":312},"2025-12-31",{"date":328,"score":233,"percentile":329},"2026-01-01",0.10675,{"date":331,"score":233,"percentile":332},"2026-01-02",0.10672,{"date":334,"score":233,"percentile":335},"2026-01-03",0.10643,{"date":337,"score":233,"percentile":338},"2026-01-04",0.10573,{"date":340,"score":233,"percentile":341},"2026-01-05",0.10527,{"date":343,"score":233,"percentile":344},"2026-01-06",0.1052,{"date":346,"score":233,"percentile":303},"2026-01-07",{"date":348,"score":233,"percentile":349},"2026-01-08",0.10603,{"date":351,"score":233,"percentile":312},"2026-01-09",{"date":353,"score":233,"percentile":354},"2026-01-10",0.1065,{"date":356,"score":233,"percentile":357},"2026-01-11",0.10628,{"date":359,"score":233,"percentile":360},"2026-01-12",0.10604,{"date":362,"score":233,"percentile":363},"2026-01-13",0.1057,{"date":365,"score":233,"percentile":366},"2026-01-14",0.10621,{"date":368,"score":233,"percentile":315},"2026-01-15",{"date":370,"score":233,"percentile":371},"2026-01-16",0.10671,{"date":373,"score":374,"percentile":375},"2026-01-17",0.00018,0.03658,{"date":377,"score":374,"percentile":378},"2026-01-18",0.03631,{"date":380,"score":374,"percentile":381},"2026-01-19",0.03609,{"date":383,"score":374,"percentile":384},"2026-01-20",0.03589,{"date":386,"score":374,"percentile":387},"2026-01-21",0.03582,{"date":389,"score":374,"percentile":390},"2026-01-22",0.03587,{"date":392,"score":393,"percentile":394},"2026-01-23",0.00023,0.0546,{"date":396,"score":393,"percentile":397},"2026-01-24",0.05504,{"date":399,"score":393,"percentile":400},"2026-01-25",0.0545,{"date":402,"score":393,"percentile":403},"2026-01-26",0.05426,{"date":405,"score":393,"percentile":406},"2026-01-27",0.05407,{"date":408,"score":393,"percentile":409},"2026-01-28",0.05393,{"date":411,"score":393,"percentile":412},"2026-01-29",0.05404,{"date":414,"score":393,"percentile":415},"2026-01-30",0.05401,{"date":417,"score":393,"percentile":418},"2026-01-31",0.05398,{"date":420,"score":393,"percentile":421},"2026-02-01",0.05469,[423],{"source":118,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":424,"cvss_v4_0":9},{"baseScore":116,"baseSeverity":425,"vectorString":119,"impactScore":426,"exploitabilityScore":427},"HIGH",9.8,4.6,[429,438,464],{"ecosystem":9,"name":430,"vendor":431,"product":432,"cpe_part":433,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":434},"debian linux","debian","debian_linux","o",[435],{"version":436,"is_range":112,"range_type":437,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"11.0","cpe",{"ecosystem":9,"name":439,"vendor":440,"product":440,"cpe_part":441,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":442},"Linux","linux","a",[443,450,453,456,459,462],{"version":444,"is_range":445,"range_type":124,"version_start":446,"version_start_type":447,"version_end":448,"version_end_type":449,"fixed_in":9},">= 34f26a15611afb03c33df6819359d36f5b382589, \u003C 34d9cafd469c69ad85e6a36b4303c78382cf5c79",true,"34f26a15611afb03c33df6819359d36f5b382589","including","34d9cafd469c69ad85e6a36b4303c78382cf5c79","excluding",{"version":451,"is_range":445,"range_type":124,"version_start":446,"version_start_type":447,"version_end":452,"version_end_type":449,"fixed_in":9},">= 34f26a15611afb03c33df6819359d36f5b382589, \u003C 854baafc00c433cccbe0ab4231b77aeb9b637b77","854baafc00c433cccbe0ab4231b77aeb9b637b77",{"version":454,"is_range":445,"range_type":124,"version_start":446,"version_start_type":447,"version_end":455,"version_end_type":449,"fixed_in":9},">= 34f26a15611afb03c33df6819359d36f5b382589, \u003C 7e64474aba78d240f7804f48f2d454dcca78b15f","7e64474aba78d240f7804f48f2d454dcca78b15f",{"version":457,"is_range":445,"range_type":124,"version_start":446,"version_start_type":447,"version_end":458,"version_end_type":449,"fixed_in":9},">= 34f26a15611afb03c33df6819359d36f5b382589, \u003C ac5cda4fae8818cf1963317bb699f7f2f85b60af","ac5cda4fae8818cf1963317bb699f7f2f85b60af",{"version":460,"is_range":445,"range_type":124,"version_start":446,"version_start_type":447,"version_end":461,"version_end_type":449,"fixed_in":9},">= 34f26a15611afb03c33df6819359d36f5b382589, \u003C 3c9ba2777d6c86025e1ba4186dc5cd930e40ec5f","3c9ba2777d6c86025e1ba4186dc5cd930e40ec5f",{"version":463,"is_range":112,"range_type":124,"version_start":463,"version_start_type":447,"version_end":463,"version_end_type":447,"fixed_in":9},"6.1",{"ecosystem":9,"name":465,"vendor":440,"product":466,"cpe_part":433,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":467},"linux kernel","linux_kernel",[468,471,475,479,483,485,487,489,491],{"version":469,"is_range":445,"range_type":437,"version_start":463,"version_start_type":447,"version_end":470,"version_end_type":449,"fixed_in":9},"gte6.1_lt6.1.153","6.1.153",{"version":472,"is_range":445,"range_type":437,"version_start":473,"version_start_type":447,"version_end":474,"version_end_type":449,"fixed_in":9},"gte6.2_lt6.6.107","6.2","6.6.107",{"version":476,"is_range":445,"range_type":437,"version_start":477,"version_start_type":447,"version_end":478,"version_end_type":449,"fixed_in":9},"gte6.7_lt6.12.48","6.7","6.12.48",{"version":480,"is_range":445,"range_type":437,"version_start":481,"version_start_type":447,"version_end":482,"version_end_type":449,"fixed_in":9},"gte6.13_lt6.16.8","6.13","6.16.8",{"version":484,"is_range":112,"range_type":437,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.17:rc1",{"version":486,"is_range":112,"range_type":437,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.17:rc2",{"version":488,"is_range":112,"range_type":437,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.17:rc3",{"version":490,"is_range":112,"range_type":437,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.17:rc4",{"version":492,"is_range":112,"range_type":437,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.17:rc5"]