SB2025100415 - Use-after-free in Linux kernel cgroup
Published: October 4, 2025
Description
This security bulletin contains information about 1 security vulnerability.
1) Use-after-free (CVE-ID: CVE-2025-39953)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error in the cgroup subsystem (kernel/cgroup/cgroup.c), in the cgroup_subsys_state (css) lifecycle and release paths: css_create(), css_release(), css_release_work_fn() and css_killed_ref_fn(), the workqueue set up by cgroup_wq_init() that these release callbacks hand their deferred work to, and the DEFINE_PERCPU_RWSEM() macro. A local user can trigger the error to escalate privileges on the system.
Remediation
Install the updated kernel from your distribution or vendor. The upstream fixes are the stable-branch commits listed under References; check that your running kernel includes one of them or the corresponding distribution backport.
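As an added check that is not part of the original bulletin: the script below takes a Linux source tree and reports whether its HEAD already contains any of the eight upstream fix commits listed under References, using `git merge-base --is-ancestor`. The function name `has_fix_commit`, the return codes and the path argument are this example's own conventions; the commit IDs are the ones the bulletin lists.

```shell
#!/bin/sh
# Upstream stable fix commits for CVE-2025-39953, copied from the bulletin's References.
CVE_2025_39953_FIX_COMMITS="05e0b03447cf215ec384210441b34b7a3b16e8b0 \
4a1e3ec28e8062cd9f339aa6a942df9c5bcb6811 \
79f919a89c9d06816dbdbbd168fa41d27411a7f9 \
993049c9b1355c78918344a6403427d53f9ee700 \
a0c896bda7077aa5005473e2c5b3c27173313b4c \
cabadd7fd15f97090f752fd22dd7f876a0dc3dc4 \
ded4d207a3209a834b6831ceec7f39b934c74802 \
f2795d1b92506e3adf52a298f7181032a1525e04"

# has_fix_commit <kernel-tree>
#   Prints the first fix commit that is an ancestor of HEAD and returns 0.
#   Returns 1 if none of the fix commits is reachable from HEAD (tree is unpatched,
#   or carries a distro backport without the upstream commit ID).
#   Returns 2 if git is unavailable or <kernel-tree> is not a git work tree.
has_fix_commit() {
    tree="$1"
    command -v git >/dev/null 2>&1 || return 2
    git -C "$tree" rev-parse --is-inside-work-tree >/dev/null 2>&1 || return 2
    for c in $CVE_2025_39953_FIX_COMMITS; do
        # merge-base --is-ancestor exits 0 only when $c is reachable from HEAD;
        # an unknown object name exits non-zero as well, which we treat as "not found".
        if git -C "$tree" merge-base --is-ancestor "$c" HEAD 2>/dev/null; then
            echo "$c"
            return 0
        fi
    done
    return 1
}

# Stand-alone usage: sh check-cve-2025-39953.sh /path/to/linux
if [ "$#" -gt 0 ]; then
    fix=$(has_fix_commit "$1"); rc=$?
    case "$rc" in
        0) echo "$1: HEAD contains upstream fix commit $fix" ;;
        1) echo "$1: no upstream fix commit for CVE-2025-39953 found in HEAD" ;;
        *) echo "$1: not a git work tree (or git not installed), cannot check" ;;
    esac
    exit "$rc"
fi
```

The check only proves presence of the upstream commit IDs. Distribution kernels usually backport fixes under their own commit IDs, so a return code of 1 on a distro tree is inconclusive; for those, search the package changelog for the CVE ID instead (for example `rpm -q --changelog kernel | grep CVE-2025-39953` on RPM-based systems) or consult the distribution's security tracker.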
References
- https://git.kernel.org/stable/c/05e0b03447cf215ec384210441b34b7a3b16e8b0
- https://git.kernel.org/stable/c/4a1e3ec28e8062cd9f339aa6a942df9c5bcb6811
- https://git.kernel.org/stable/c/79f919a89c9d06816dbdbbd168fa41d27411a7f9
- https://git.kernel.org/stable/c/993049c9b1355c78918344a6403427d53f9ee700
- https://git.kernel.org/stable/c/a0c896bda7077aa5005473e2c5b3c27173313b4c
- https://git.kernel.org/stable/c/cabadd7fd15f97090f752fd22dd7f876a0dc3dc4
- https://git.kernel.org/stable/c/ded4d207a3209a834b6831ceec7f39b934c74802
- https://git.kernel.org/stable/c/f2795d1b92506e3adf52a298f7181032a1525e04