CVE-2025-39813

EUVD-2025-29601
In the Linux kernel, the following vulnerability has been resolved:

ftrace: Fix potential warning in trace_printk_seq during ftrace_dump

When calling ftrace_dump_one() concurrently with reading trace_pipe,
a WARN_ON_ONCE() in trace_printk_seq() can be triggered due to a race
condition.

The issue occurs because:

CPU0 (ftrace_dump)                              CPU1 (reader)
echo z > /proc/sysrq-trigger

!trace_empty(&iter)
trace_iterator_reset(&iter) <- len = size = 0
                                                cat /sys/kernel/tracing/trace_pipe
trace_find_next_entry_inc(&iter)
  __find_next_entry
    ring_buffer_empty_cpu <- all empty
  return NULL

trace_printk_seq(&iter.seq)
  WARN_ON_ONCE(s->seq.len >= s->seq.size)

In the context between trace_empty() and trace_find_next_entry_inc()
during ftrace_dump, the ring buffer data was consumed by other readers.
This caused trace_find_next_entry_inc to return NULL, failing to populate
`iter.seq`. At this point, due to the prior trace_iterator_reset, both
`iter.seq.len` and `iter.seq.size` were set to 0. Since they are equal,
the WARN_ON_ONCE condition is triggered.

Move the trace_printk_seq() into the if block that checks to make sure the
return value of trace_find_next_entry_inc() is non-NULL in
ftrace_dump_one(), ensuring the 'iter.seq' is properly populated before
subsequent operations.
Race Condition
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
siemens-SADPADP
4.7 MEDIUM
LOCAL
HIGH
LOW
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 1%
Affected Products (NVD)
VendorProductVersion
linuxlinux_kernel
2.6.28 ≤
𝑥
< 5.4.298
linuxlinux_kernel
5.5 ≤
𝑥
< 5.10.242
linuxlinux_kernel
5.11 ≤
𝑥
< 5.15.191
linuxlinux_kernel
5.16 ≤
𝑥
< 6.1.150
linuxlinux_kernel
6.2 ≤
𝑥
< 6.6.104
linuxlinux_kernel
6.7 ≤
𝑥
< 6.12.45
linuxlinux_kernel
6.13 ≤
𝑥
< 6.16.5
linuxlinux_kernel
6.17:rc1
linuxlinux_kernel
6.17:rc2
debiandebian_linux
11.0
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
SiemensSIMATIC CN 4100
𝑥
< V5.0
ADP
siemenssimatic_cn_4100
𝑥
< 5.0
ADP
Debian logo
Debian Releases
Debian Product
Codename
linux
bookworm
6.1.170-3
fixed
bookworm (security)
6.1.176-1
fixed
bullseye
vulnerable
bullseye (security)
5.10.259-1
fixed
forky
7.0.13-1
fixed
sid
7.0.14-1
fixed
trixie
6.12.86-1
fixed
trixie (security)
6.12.94-1
fixed
linux-6.1
bullseye (security)
6.1.174-1~deb11u1
fixed
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
cluster-md-kmp-default
suse enterprise server 12 SP5
4.12.14-122.293.1
fixed
suse enterprise server 15 SP6
6.4.0-150600.23.87.1
fixed
dlm-kmp-default
suse enterprise server 12 SP5
4.12.14-122.293.1
fixed
suse enterprise server 15 SP6
6.4.0-150600.23.87.1
fixed
gfs2-kmp-default
suse enterprise server 12 SP5
4.12.14-122.293.1
fixed
suse enterprise server 15 SP6
6.4.0-150600.23.87.1
fixed
kernel-64kb
suse enterprise desktop 15 SP6
6.4.0-150600.23.78.1
fixed
suse enterprise desktop 15 SP7
6.4.0-150700.53.31.1
fixed
suse enterprise sap 15 SP6
6.4.0-150600.23.78.1
fixed
suse enterprise sap 15 SP7
6.4.0-150700.53.31.1
fixed
suse enterprise server 15 SP6
6.4.0-150600.23.87.1
fixed
suse enterprise server 15 SP7
6.4.0-150700.53.31.1
fixed
kernel-azure
suse enterprise sap 15 SP6
6.4.0-150600.8.55.1
fixed
suse enterprise sap 15 SP7
6.4.0-150700.20.27.1
fixed
suse enterprise server 15 SP6
6.4.0-150600.8.55.1
fixed
suse enterprise server 15 SP7
6.4.0-150700.20.27.1
fixed
kernel-default
suse enterprise desktop 15 SP6
6.4.0-150600.23.78.1
fixed
suse enterprise desktop 15 SP7
6.4.0-150700.53.31.1
fixed
suse enterprise sap 15 SP6
6.4.0-150600.23.78.1
fixed
suse enterprise sap 15 SP7
6.4.0-150700.53.31.1
fixed
suse enterprise server 12 SP5
4.12.14-122.293.1
fixed
suse enterprise server 15 SP6
6.4.0-150600.23.87.1
fixed
suse enterprise server 15 SP7
6.4.0-150700.53.31.1
fixed
kernel-default-base
suse enterprise desktop 15 SP6
6.4.0-150600.23.78.1.150600.12.34.2
fixed
suse enterprise desktop 15 SP7
6.4.0-150700.53.31.1.150700.17.21.1
fixed
suse enterprise sap 15 SP6
6.4.0-150600.23.78.1.150600.12.34.2
fixed
suse enterprise sap 15 SP7
6.4.0-150700.53.31.1.150700.17.21.1
fixed
suse enterprise server 12 SP5
4.12.14-122.293.1
fixed
suse enterprise server 15 SP6
6.4.0-150600.23.87.1.150600.12.40.1
fixed
suse enterprise server 15 SP7
6.4.0-150700.53.31.1.150700.17.21.1
fixed
kernel-default-man
suse enterprise server 12 SP5
4.12.14-122.293.1
fixed
kernel-obs-build
suse enterprise desktop 15 SP6
6.4.0-150600.23.78.1
fixed
suse enterprise desktop 15 SP7
6.4.0-150700.53.31.1
fixed
suse enterprise sap 15 SP6
6.4.0-150600.23.78.1
fixed
suse enterprise sap 15 SP7
6.4.0-150700.53.31.1
fixed
suse enterprise server 15 SP6
6.4.0-150600.23.87.1
fixed
suse enterprise server 15 SP7
6.4.0-150700.53.31.1
fixed
kernel-source
suse enterprise desktop 15 SP6
6.4.0-150600.23.78.1
fixed
suse enterprise desktop 15 SP7
6.4.0-150700.53.31.1
fixed
suse enterprise sap 15 SP6
6.4.0-150600.23.78.1
fixed
suse enterprise sap 15 SP7
6.4.0-150700.53.31.1
fixed
suse enterprise server 12 SP5
4.12.14-122.293.1
fixed
suse enterprise server 15 SP6
6.4.0-150600.23.87.1
fixed
suse enterprise server 15 SP7
6.4.0-150700.53.31.1
fixed
kernel-source-azure
suse enterprise sap 15 SP6
6.4.0-150600.8.55.1
fixed
suse enterprise sap 15 SP7
6.4.0-150700.20.27.1
fixed
suse enterprise server 15 SP6
6.4.0-150600.8.55.1
fixed
suse enterprise server 15 SP7
6.4.0-150700.20.27.1
fixed
kernel-zfcpdump
suse enterprise desktop 15 SP6
6.4.0-150600.23.78.1
fixed
suse enterprise desktop 15 SP7
6.4.0-150700.53.31.1
fixed
suse enterprise sap 15 SP6
6.4.0-150600.23.78.1
fixed
suse enterprise sap 15 SP7
6.4.0-150700.53.31.1
fixed
suse enterprise server 15 SP6
6.4.0-150600.23.87.1
fixed
suse enterprise server 15 SP7
6.4.0-150700.53.31.1
fixed
ocfs2-kmp-default
suse enterprise server 12 SP5
4.12.14-122.293.1
fixed
suse enterprise server 15 SP6
6.4.0-150600.23.87.1
fixed
reiserfs-kmp-default
suse enterprise server 15 SP6
6.4.0-150600.23.87.1
fixed
Amazon Linux logo
Amazon Linux Releases
Amazon Package
Release
bpftool
Amazon Linux 2023
1:6.1.150-174.273.amzn2023
fixed
bpftool-debuginfo
Amazon Linux 2023
1:6.1.150-174.273.amzn2023
fixed
bpftool6.12
Amazon Linux 2023
1:6.12.46-66.121.amzn2023
fixed
bpftool6.12-debuginfo
Amazon Linux 2023
1:6.12.46-66.121.amzn2023
fixed
kernel
Amazon Linux 2023
1:6.1.150-174.273.amzn2023
fixed
kernel-debuginfo
Amazon Linux 2023
1:6.1.150-174.273.amzn2023
fixed
kernel-debuginfo-common-aarch64
Amazon Linux 2023
1:6.1.150-174.273.amzn2023
fixed
kernel-debuginfo-common-x86_64
Amazon Linux 2023
1:6.1.150-174.273.amzn2023
fixed
kernel-devel
Amazon Linux 2023
1:6.1.150-174.273.amzn2023
fixed
kernel-headers
Amazon Linux 2023
1:6.1.150-174.273.amzn2023
fixed
kernel-libbpf
Amazon Linux 2023
1:6.1.150-174.273.amzn2023
fixed
kernel-libbpf-debuginfo
Amazon Linux 2023
1:6.1.150-174.273.amzn2023
fixed
kernel-libbpf-devel
Amazon Linux 2023
1:6.1.150-174.273.amzn2023
fixed
kernel-libbpf-static
Amazon Linux 2023
1:6.1.150-174.273.amzn2023
fixed
kernel-livepatch-6.1.150-174.273
Amazon Linux 2023
1:1.0-0.amzn2023
fixed
kernel-livepatch-6.12.46-66.121
Amazon Linux 2023
1:1.0-0.amzn2023
fixed
kernel-modules-extra
Amazon Linux 2023
1:6.1.150-174.273.amzn2023
fixed
kernel-modules-extra-common
Amazon Linux 2023
1:6.1.150-174.273.amzn2023
fixed
kernel-tools
Amazon Linux 2023
1:6.1.150-174.273.amzn2023
fixed
kernel-tools-debuginfo
Amazon Linux 2023
1:6.1.150-174.273.amzn2023
fixed
kernel-tools-devel
Amazon Linux 2023
1:6.1.150-174.273.amzn2023
fixed
kernel6.12
Amazon Linux 2023
1:6.12.46-66.121.amzn2023
fixed
kernel6.12-debuginfo
Amazon Linux 2023
1:6.12.46-66.121.amzn2023
fixed
kernel6.12-debuginfo-common-aarch64
Amazon Linux 2023
1:6.12.46-66.121.amzn2023
fixed
kernel6.12-debuginfo-common-x86_64
Amazon Linux 2023
1:6.12.46-66.121.amzn2023
fixed
kernel6.12-devel
Amazon Linux 2023
1:6.12.46-66.121.amzn2023
fixed
kernel6.12-headers
Amazon Linux 2023
1:6.12.46-66.121.amzn2023
fixed
kernel6.12-libbpf
Amazon Linux 2023
1:6.12.46-66.121.amzn2023
fixed
kernel6.12-libbpf-debuginfo
Amazon Linux 2023
1:6.12.46-66.121.amzn2023
fixed
kernel6.12-libbpf-devel
Amazon Linux 2023
1:6.12.46-66.121.amzn2023
fixed
kernel6.12-libbpf-static
Amazon Linux 2023
1:6.12.46-66.121.amzn2023
fixed
kernel6.12-modules-extra
Amazon Linux 2023
1:6.12.46-66.121.amzn2023
fixed
kernel6.12-modules-extra-common
Amazon Linux 2023
1:6.12.46-66.121.amzn2023
fixed
kernel6.12-tools
Amazon Linux 2023
1:6.12.46-66.121.amzn2023
fixed
kernel6.12-tools-debuginfo
Amazon Linux 2023
1:6.12.46-66.121.amzn2023
fixed
kernel6.12-tools-devel
Amazon Linux 2023
1:6.12.46-66.121.amzn2023
fixed
perf
Amazon Linux 2023
1:6.1.150-174.273.amzn2023
fixed
perf-debuginfo
Amazon Linux 2023
1:6.1.150-174.273.amzn2023
fixed
perf6.12
Amazon Linux 2023
1:6.12.46-66.121.amzn2023
fixed
perf6.12-debuginfo
Amazon Linux 2023
1:6.12.46-66.121.amzn2023
fixed
python3-perf
Amazon Linux 2023
1:6.1.150-174.273.amzn2023
fixed
python3-perf-debuginfo
Amazon Linux 2023
1:6.1.150-174.273.amzn2023
fixed
python3-perf6.12
Amazon Linux 2023
1:6.12.46-66.121.amzn2023
fixed
python3-perf6.12-debuginfo
Amazon Linux 2023
1:6.12.46-66.121.amzn2023
fixed
Azure Linux logo
Azure Linux Releases
Azure Package
Release
kernel
Azure Linux 3.0
0:6.6.104.2-1.azl3
fixed
CBL-Mariner 2.0
0:5.15.200.1-1.cm2
fixed