{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2025-39736","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2025-04-16T07:20:57.119Z","datePublished":"2025-09-11T16:52:11.772Z","dateUpdated":"2026-05-12T12:06:38.396Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T21:35:16.742Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nmm/kmemleak: avoid deadlock by moving pr_warn() outside kmemleak_lock\n\nWhen netpoll is enabled, calling pr_warn_once() while holding\nkmemleak_lock in mem_pool_alloc() can cause a deadlock due to lock\ninversion with the netconsole subsystem.  This occurs because\npr_warn_once() may trigger netpoll, which eventually leads to\n__alloc_skb() and back into kmemleak code, attempting to reacquire\nkmemleak_lock.\n\nThis is the path for the deadlock.\n\nmem_pool_alloc()\n  -> raw_spin_lock_irqsave(&kmemleak_lock, flags);\n      -> pr_warn_once()\n          -> netconsole subsystem\n\t     -> netpoll\n\t         -> __alloc_skb\n\t\t   -> __create_object\n\t\t     -> raw_spin_lock_irqsave(&kmemleak_lock, flags);\n\nFix this by setting a flag and issuing the pr_warn_once() after\nkmemleak_lock is released."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["mm/kmemleak.c"],"versions":[{"version":"c5665868183fec689dbab9fb8505188b2c4f0757","lessThan":"c7b6ea0ede687e7460e593c5ea478f50aa41682a","status":"affected","versionType":"git"},{"version":"c5665868183fec689dbab9fb8505188b2c4f0757","lessThan":"4b0151e1d468eb2667c37b7af99b3c075072d334","status":"affected","versionType":"git"},{"version":"c5665868183fec689dbab9fb8505188b2c4f0757","lessThan":"f249d32bb54876b4b6c3ae071af8ddca77af390b","status":"affected","versionType":"git"},{"version":"c5665868183fec689dbab9fb8505188b2c4f0757","lessThan":"62879faa8efe8d8a9c7bf7606ee9c068012d7dac","status":"affected","versionType":"git"},{"version":"c5665868183fec689dbab9fb8505188b2c4f0757","lessThan":"1da95d3d4b7b1d380ebd87b71a61e7e6aed3265d","status":"affected","versionType":"git"},{"version":"c5665868183fec689dbab9fb8505188b2c4f0757","lessThan":"a0854de00ce2ee27edf39037e7836ad580eb3350","status":"affected","versionType":"git"},{"version":"c5665868183fec689dbab9fb8505188b2c4f0757","lessThan":"08f70be5e406ce47c822f2dd11c1170ca259605b","status":"affected","versionType":"git"},{"version":"c5665868183fec689dbab9fb8505188b2c4f0757","lessThan":"a181b228b37a6a5625dad2bb4265bb7abb673e9f","status":"affected","versionType":"git"},{"version":"c5665868183fec689dbab9fb8505188b2c4f0757","lessThan":"47b0f6d8f0d2be4d311a49e13d2fd5f152f492b2","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["mm/kmemleak.c"],"versions":[{"version":"5.4","status":"affected"},{"version":"0","lessThan":"5.4","status":"unaffected","versionType":"semver"},{"version":"5.4.297","lessThanOrEqual":"5.4.*","status":"unaffected","versionType":"semver"},{"version":"5.10.241","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.190","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.149","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.6.103","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.12.43","lessThanOrEqual":"6.12.*","status":"unaffected","versionType":"semver"},{"version":"6.15.11","lessThanOrEqual":"6.15.*","status":"unaffected","versionType":"semver"},{"version":"6.16.2","lessThanOrEqual":"6.16.*","status":"unaffected","versionType":"semver"},{"version":"6.17","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.4","versionEndExcluding":"5.4.297"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.4","versionEndExcluding":"5.10.241"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.4","versionEndExcluding":"5.15.190"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.4","versionEndExcluding":"6.1.149"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.4","versionEndExcluding":"6.6.103"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.4","versionEndExcluding":"6.12.43"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.4","versionEndExcluding":"6.15.11"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.4","versionEndExcluding":"6.16.2"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.4","versionEndExcluding":"6.17"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/c7b6ea0ede687e7460e593c5ea478f50aa41682a"},{"url":"https://git.kernel.org/stable/c/4b0151e1d468eb2667c37b7af99b3c075072d334"},{"url":"https://git.kernel.org/stable/c/f249d32bb54876b4b6c3ae071af8ddca77af390b"},{"url":"https://git.kernel.org/stable/c/62879faa8efe8d8a9c7bf7606ee9c068012d7dac"},{"url":"https://git.kernel.org/stable/c/1da95d3d4b7b1d380ebd87b71a61e7e6aed3265d"},{"url":"https://git.kernel.org/stable/c/a0854de00ce2ee27edf39037e7836ad580eb3350"},{"url":"https://git.kernel.org/stable/c/08f70be5e406ce47c822f2dd11c1170ca259605b"},{"url":"https://git.kernel.org/stable/c/a181b228b37a6a5625dad2bb4265bb7abb673e9f"},{"url":"https://git.kernel.org/stable/c/47b0f6d8f0d2be4d311a49e13d2fd5f152f492b2"}],"title":"mm/kmemleak: avoid deadlock by moving pr_warn() outside kmemleak_lock","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"title":"CVE Program Container","references":[{"url":"https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html"},{"url":"https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2025-11-03T17:42:52.536Z"}},{"x_adpType":"supplier","providerMetadata":{"orgId":"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e","shortName":"siemens-SADP","dateUpdated":"2026-05-12T12:06:38.396Z"},"affected":[{"vendor":"Siemens","product":"SIMATIC CN 4100","versions":[{"status":"affected","version":"0","lessThan":"V5.0","versionType":"custom"}],"defaultStatus":"unknown"}],"references":[{"url":"https://cert-portal.siemens.com/productcert/html/ssa-032379.html"}]}]}}