#VU115586 Resource management error in Linux kernel - CVE-2025-39756
Published: September 16, 2025
Vulnerability identifier: #VU115586
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2025-39756
CWE-ID: CWE-399
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Linux kernel
Linux kernel
Software vendor:
Linux Foundation
Linux Foundation
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the alloc_fdtable() function in fs/file.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's repository.
External links
- https://git.kernel.org/stable/c/04a2c4b4511d186b0fce685da21085a5d4acd370
- https://git.kernel.org/stable/c/237e416eb62101f21b28c9e6e564d10efe1ecc6f
- https://git.kernel.org/stable/c/628fc28f42d979f36dbf75a6129ac7730e30c04e
- https://git.kernel.org/stable/c/749528086620f8012b83ae032a80f6ffa80c45cd
- https://git.kernel.org/stable/c/9f61fa6a2a89a610120bc4e5d24379c667314b5c
- https://git.kernel.org/stable/c/b4159c5a90c03f8acd3de345a7f5fc63b0909818
- https://git.kernel.org/stable/c/d4f9351243c17865a8cdbe6b3ccd09d0b13a7bcc
- https://git.kernel.org/stable/c/dfd1f4ea98c3bd3a03d12169b5b2daa1f0a3e4ae
- https://git.kernel.org/stable/c/f95638a8f22eba307dceddf5aef9ae2326bbcf98