#VU115488 Improper locking in Linux kernel - CVE-2025-39773
Published: September 16, 2025
Vulnerability identifier: #VU115488
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2025-39773
CWE-ID: CWE-667
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Linux kernel
Software vendor:
Linux Foundation
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking in net/bridge/br_private.h. A local user can perform a denial of service (DoS) attack.
Remediation
Install the update from the vendor's repository.
External links
- https://git.kernel.org/stable/c/34171b9e53bd1dc264f5556579f2b04f04435c73
- https://git.kernel.org/stable/c/43e281fde5e76a866a4d10780c35023f16c0e432
- https://git.kernel.org/stable/c/5bf5fce8a0c2a70d063af778fdb5b27238174cdd
- https://git.kernel.org/stable/c/96476b043efb86a94f2badd260f7f99c97bd5893
- https://git.kernel.org/stable/c/bdb19cd0de739870bb3494c815138b9dc30875c4
- https://git.kernel.org/stable/c/d1547bf460baec718b3398365f8de33d25c5f36f