CVE-2025-39760
high
CVSS v3
7.1
CVSS v4 NEW
โ
VIR risk
7.1
Description
RHSA-2026:1662: kernel security update (Moderate)
Predictions
Exploit likelihood
70%
Patch ETA
โ
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No mitigations published for this CVE yet.
The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or โ if you've already worked around this in production โ publish your fix to the community-verified tier.
โ Propose a mitigation on Community โ Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here withsource_tier=community-verified.
OS impact
| OS | Version | Status | Fixed in |
|---|---|---|---|
| rocky | 8 | fixed | |
| rhel | 9 | fixed | |
| sles | affected | | |
| rocky | 9 | fixed | |
| debian | bookworm | fixed | 6.1.153-1 |
| debian | bullseye | fixed | 5.10.244-1 |
| debian | forky | fixed | 6.16.3-1 |
| debian | sid | fixed | 6.16.3-1 |
| debian | trixie | fixed | 6.12.43-1 |
| linux-kernel | affected | 5.10.241 | |
| debian | 11.0 | affected | |
| almalinux | 9 | fixed | kernel-64k-devel-5.14.0-611.30.1.el9_7.aarch64.rpm |
| rhel | 8 | fixed | |
References
- https://errata.rockylinux.org/RLSA-2026:1661
- https://errata.rockylinux.org/RLSA-2026:1662
- https://access.redhat.com/errata/RHSA-2026:2212
- https://git.kernel.org/stable/c/058ad2b722812708fe90567875704ae36563e33b
- https://git.kernel.org/stable/c/4fe6f472f0beef4281e6f03bc38a910a33be663f
- https://git.kernel.org/stable/c/5badd56c711e2c8371d1670f9bd486697575423c
- https://git.kernel.org/stable/c/5c3097ede7835d3caf6543eb70ff689af4550cd2
- https://git.kernel.org/stable/c/9512510cee7d1becdb0e9413fdd3ab783e4e30ee
- https://git.kernel.org/stable/c/9843bcb187cb933861f7805022e6873905f669e4
- https://git.kernel.org/stable/c/b10e0f868067c6f25bbfabdcf3e1e6432c24ca55
- https://git.kernel.org/stable/c/cf16f408364efd8a68f39011a3b073c83a03612d
- https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
- https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
- https://cert-portal.siemens.com/productcert/html/ssa-032379.html
- https://www.suse.com/security/cve/CVE-2025-39760.html
- https://errata.rockylinux.org/RLSA-2026:2212
- https://security-tracker.debian.org/tracker/CVE-2025-39760
- https://access.redhat.com/errata/RHSA-2026:1662
- https://bugzilla.redhat.com/2273187
- https://bugzilla.redhat.com/2373326
- https://bugzilla.redhat.com/2373354
- https://bugzilla.redhat.com/2383404
- https://bugzilla.redhat.com/2383487
- https://bugzilla.redhat.com/2394601
- https://bugzilla.redhat.com/2418876
CWEs
CWE-125
Community-verified mitigations for this CVE will appear above when contributors publish them.
Verify integrity in audit chain (admin only). AS-IS.