CVE-2025-39912

Published: Oct 1, 2025

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: nfs/localio: restore creds before releasing pageio data Otherwise if the nfsd filecache code releases the nfsd_file immediately, it can trigger the BUG_ON(cred == current->cred) in __put_cred() when it puts the nfsd_file->nf_file->f-cred.

Vendor	Product	Versions
Linux	Linux	affected `b9f5dd57f4a52990963eeb1f1b58d00f717ece69 - < 57c1bb02b4fc8eec6eb01736e7fad26dffacf18c` affected `b9f5dd57f4a52990963eeb1f1b58d00f717ece69 - < c250be1d75bf80dc5ab46f0b434b746c1868a1ea` affected `b9f5dd57f4a52990963eeb1f1b58d00f717ece69 - < 992203a1fba51b025c60ec0c8b0d9223343dea95`
Linux	Linux	affected `6.12` unaffected `0 - < 6.12` unaffected `6.12.48 - <= 6.12.` unaffected `6.16.8 - <= 6.16.` unaffected `6.17 - <= *`

References

https://git.kernel.org/stable/c/57c1bb02b4fc8eec6eb01736e7fad26dffacf18c

https://git.kernel.org/stable/c/c250be1d75bf80dc5ab46f0b434b746c1868a1ea

https://git.kernel.org/stable/c/992203a1fba51b025c60ec0c8b0d9223343dea95

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-39912

Description

Affected Products

References