CVE-2025-39752 – This CVE describes a race condition vulnerabili... (How to Fix)

Q: What is the severity of CVE-2025-39752?

CVE-2025-39752 has a CVSS score of 5.5 (MEDIUM). This CVE describes a race condition vulnerability in the Linux kernel's ARM Rockchip SMP initialization code that can cause kernel hangs during boot on RK3188-based systems. The vulnerability occurs when secondary CPUs execute trampoline code before the main CPU expects, leading to system instability. This affects Linux systems running on Rockchip RK3188 ARM processors.

📋 TL;DR

This CVE describes a race condition vulnerability in the Linux kernel's ARM Rockchip SMP initialization code that can cause kernel hangs during boot on RK3188-based systems. The vulnerability occurs when secondary CPUs execute trampoline code before the main CPU expects, leading to system instability. This affects Linux systems running on Rockchip RK3188 ARM processors.

💻 Affected Systems

Products:

Linux kernel

Versions: Specific affected kernel versions not specified in CVE, but patches exist in stable kernel trees

Operating Systems: Linux distributions running on Rockchip RK3188 ARM processors

Default Config Vulnerable: ⚠️ Yes

Notes: Only affects systems with Rockchip RK3188 ARM processors; vulnerability manifests during SMP initialization at boot time

📦 What is this software?

Debian Linux by Debian

View all CVEs affecting Debian Linux →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

System fails to boot completely, requiring physical intervention or hardware reset to recover.

🟠

Likely Case

Intermittent boot failures or system hangs during startup, particularly on RK3188-based devices.

🟢

If Mitigated

No impact if patched or if affected hardware is not in use.

🌐 Internet-Facing: LOW - This is a local boot-time vulnerability that cannot be triggered remotely.

🏢 Internal Only: MEDIUM - Affects system availability during boot but requires physical or local access to trigger.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Exploitation requires ability to trigger system reboots and relies on timing conditions; not a remote code execution vulnerability

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Patches available in stable kernel trees (commits: 0223a3683d502b7e5eb2eb4ad7e97363fa88d531, 1eb67589a7e091b1e5108aab72fddbf4dc69af2c, 265583266d93db4ff83d088819b1f63fdf0131db, 3c6bf7a324b8995b9c7d790c8d2abf0668f51551, 47769dab9073a73e127aa0bfd0ba4c51eaccdc33)

Vendor Advisory: https://git.kernel.org/stable/c/

Restart Required: Yes

Instructions:

1. Update to a patched Linux kernel version containing the fixes. 2. Reboot the system to load the new kernel. 3. Verify the system boots without hangs.

🔧 Temporary Workarounds

Disable SMP/Secondary CPUs

all

Boot with SMP disabled to avoid the race condition during secondary CPU initialization

Add 'maxcpus=1' to kernel boot parameters

🧯 If You Can't Patch

Implement monitoring for boot failures and have recovery procedures ready
Consider replacing affected hardware with non-RK3188 systems if stability is critical

🔍 How to Verify

Check if Vulnerable:

Check if system uses Rockchip RK3188 processor and experiences intermittent boot hangs during SMP initialization

Check Version:

uname -r

Verify Fix Applied:

Monitor system boot logs for successful SMP initialization without hangs; check kernel version includes the fix commits

📡 Detection & Monitoring

Log Indicators:

Kernel hang messages during boot
'rockchip_smp_prepare_cpus' log entries followed by system freeze
Secondary CPU initialization failures

Network Indicators:

None - this is a local boot-time issue

SIEM Query:

kernel: "rockchip_smp_prepare_cpus" AND ("hang" OR "freeze" OR "panic")

📊 Metadata

CVE ID: CVE-2025-39752

CVSS v3 Score: 5.5 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS Score: 0.01% exploit probability (1th percentile)

Published: September 11, 2025

Last Updated: January 9, 2026

🔗 References

https://git.kernel.org/stable/c/0223a3683d502b7e5eb2eb4ad7e97363fa88d531 Patch
https://git.kernel.org/stable/c/1eb67589a7e091b1e5108aab72fddbf4dc69af2c Patch
https://git.kernel.org/stable/c/265583266d93db4ff83d088819b1f63fdf0131db Patch
https://git.kernel.org/stable/c/3c6bf7a324b8995b9c7d790c8d2abf0668f51551 Patch
https://git.kernel.org/stable/c/47769dab9073a73e127aa0bfd0ba4c51eaccdc33 Patch
https://git.kernel.org/stable/c/7cdb433bb44cdc87dc5260cdf15bf03cc1cd1814 Patch
https://git.kernel.org/stable/c/888a453c2a239765a7ab4de8a3cedae2e3802528 Patch
https://git.kernel.org/stable/c/c0726d1e466e2d0da620836e293a59e6427ccdff Patch
https://git.kernel.org/stable/c/d7d6d076ee9532c4668f14696a35688d35dd16f4 Patch
https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html Third Party Advisory,Mailing List
https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html Third Party Advisory,Mailing List

📤 Share & Export

📄 Export Markdown 📋 Export JSON