What is CVE-2025-39974?

CVE-2025-39974 is a unscored severity Linux kernel vulnerability, affecting Linux kernel versions from 6.16 onward and patched in 6.16.10 and 6.17. CVE-2025-39974 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

What is the CVSS score for CVE-2025-39974?

CVE-2025-39974 has a CVSS score of pending NVD analysis out of 10, rated awaiting scoring severity.

Is there a patch available for CVE-2025-39974?

Yes, CVE-2025-39974 has been patched. Fixed versions include 6.16.10 and 6.17. If you are running Linux kernel 6.16 or later up to the fix versions, apply the relevant patch for your kernel branch.

Is CVE-2025-39974 actively exploited?

CVE-2025-39974 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

CVE-2025-39974

In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Fix slab-out-of-bounds in _parse_integer_limit() When config osnoise cpus by write() syscall, the following KASAN splat may be observed: BUG: KASAN: slab-out-of-bounds in _parse_integer_limit+0x103/0x130 Read of size 1 at addr ffff88810121e3a1 by task test/447 CPU: 1 UID: 0 PID: 447 Comm: test Not tainted 6.17.0-rc6-dirty #288 PREEMPT(voluntary) Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014 Call Trace: <TASK> dump_stack_lvl+0x55/0x70 print_report+0xcb/0x610 kasan_report+0xb8/0xf0 _parse_integer_limit+0x103/0x130 bitmap_parselist+0x16d/0x6f0 osnoise_cpus_write+0x116/0x2d0 vfs_write+0x21e/0xcc0 ksys_write+0xee/0x1c0 do_syscall_64+0xa8/0x2a0 entry_SYSCALL_64_after_hwframe+0x77/0x7f </TASK> This issue can be reproduced by below code: const char *cpulist = "1"; int fd=open("/sys/kernel/debug/tracing/osnoise/cpus", O_WRONLY); write(fd, cpulist, strlen(cpulist)); Function bitmap_parselist() was called to parse cpulist, it require that the parameter 'buf' must be terminated with a '\0' or '\n'. Fix this issue by adding a '\0' to 'buf' in osnoise_cpus_write().

Package Linux Kernel

Published 2025-10-15

Last modified 2026-04-15

Patch available

Yes

Affected versions

Linux kernel versions 6.16 and later are affected. Fixed in 6.16.10, 6.17 and their respective stable series.

Affected from

≥ 6.16

Fixed in

✓ 6.16.10 6.16.x ✓ 6.17

References

The following references provide additional information about CVE-2025-39974 including vendor advisories, patch commits, exploit details, and third-party analysis. Links are sourced from the NIST NVD database.

Kernel patch commit
https://git.kernel.org/stable/c/930cb05a9e107777316b3ccf37f9556366669065
Patch
Kernel patch commit
https://git.kernel.org/stable/c/a2501032de0d1bc7971b2e43c03da534ac10ee9b
Patch

Frequently asked questions

What is CVE-2025-39974?

CVE-2025-39974 is a unscored severity Linux kernel vulnerability . It affects Linux kernel versions from 6.16 onward and has been patched in 6.16.10 and 6.17. CVE-2025-39974 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.
Is there a patch available for CVE-2025-39974?

Yes — CVE-2025-39974 has been patched. Fixed versions include 6.16.10 and 6.17. If you are running Linux kernel 6.16 or later up to the fix versions, apply the relevant patch for your kernel branch.
Is CVE-2025-39974 actively exploited?

No — CVE-2025-39974 has not been confirmed as actively exploited. It is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.