CVE-2025-39698

Published: Sep 5, 2025

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: io_uring/futex: ensure io_futex_wait() cleans up properly on failure The io_futex_data is allocated upfront and assigned to the io_kiocb async_data field, but the request isn't marked with REQ_F_ASYNC_DATA at that point. Those two should always go together, as the flag tells io_uring whether the field is valid or not. Additionally, on failure cleanup, the futex handler frees the data but does not clear ->async_data. Clear the data and the flag in the error path as well. Thanks to Trend Micro Zero Day Initiative and particularly ReDress for reporting this.

Vendor	Product	Versions
Linux	Linux	affected `194bb58c6090e39bd7d9b9c888a079213628e1f6 - < d9f93172820a53ab42c4b0e5e65291f4f9d00ad2` affected `194bb58c6090e39bd7d9b9c888a079213628e1f6 - < d34c04152df517c59979b4bf2a47f491e06d3256` affected `194bb58c6090e39bd7d9b9c888a079213628e1f6 - < 508c1314b342b78591f51c4b5dadee31a88335df`
Linux	Linux	affected `6.7` unaffected `0 - < 6.7` unaffected `6.12.44 - <= 6.12.` unaffected `6.16.4 - <= 6.16.` unaffected `6.17 - <= *`

References

https://git.kernel.org/stable/c/d9f93172820a53ab42c4b0e5e65291f4f9d00ad2

https://git.kernel.org/stable/c/d34c04152df517c59979b4bf2a47f491e06d3256

https://git.kernel.org/stable/c/508c1314b342b78591f51c4b5dadee31a88335df

https://www.zerodayinitiative.com/advisories/ZDI-25-915/

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-39698

Description

Affected Products

References