3 matches found
ROOT-OS-UBUNTU-2404-CVE-2025-39877 CVE-2025-39877 in rootio-linux - Patched by Root
Root has patched CVE-2025-39877 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
CVE-2025-39877
In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: fix use-after-free in stateshow stateshow reads kdamond-damonctx without holding damonsysfslock. This allows a use-after-free race: CPU 0 CPU 1 ----- ----- stateshow damonsysfsturndamonon ctx = kdamond-damonctx;...
CVE-2025-39877
The CVE-2025-39877 issue is a Linux kernel use-after-free in mm/damon/sysfs: state_show() reads kdamond->damon_ctx without holding damon_sysfs_lock, allowing a UAF when damon_ctx is freed under damon_sysfs_lock. A fix mirrors pid_show() by taking damon_sysfs_lock before dereferencing the conte...