CVE-2025-39895
📋 TL;DR
A NULL pointer dereference vulnerability in the Linux kernel's scheduler function sched_numa_find_nth_cpu() can cause kernel panic when all CPUs in a NUMA mask are offline. This affects Linux systems with specific boot configurations where big CPU cores are disabled, potentially causing system crashes during boot or runtime. The vulnerability primarily impacts systems with asymmetric CPU architectures and specific kernel boot parameters.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to system crash and denial of service, requiring physical or remote reboot to restore functionality.
Likely Case
System crash during boot when using maxcpus parameter to disable CPU cores, preventing system startup.
If Mitigated
No impact if systems don't use affected boot parameters or have all CPUs online.
🎯 Exploit Status
Exploitation requires specific hardware configuration and boot parameters; more of a stability bug than security vulnerability
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Check git commits: 5ebf512f335053a42482ebff91e46c6dc156bf8c, b3ec50cc5eb5ca84256ca701d28b137a6036c412, b921c288cd8abef9af5b59e056a63cc2c263a9e3, f9b8d4dba8e78c1887fecd81ba0d8204d6ff05fc
Vendor Advisory: https://git.kernel.org/stable/c/5ebf512f335053a42482ebff91e46c6dc156bf8c
Restart Required: Yes
Instructions:
1. Update Linux kernel to patched version from your distribution. 2. Rebuild kernel if using custom build. 3. Reboot system to load new kernel.
🔧 Temporary Workarounds
Avoid maxcpus boot parameter
linuxDo not use maxcpus boot parameter that leaves all CPUs in a NUMA mask offline
Edit /etc/default/grub and remove maxcpus parameter
Update grub: update-grub (Debian/Ubuntu) or grub2-mkconfig -o /boot/grub2/grub.cfg (RHEL/CentOS)
Keep all CPUs online
linuxEnsure all CPU cores are enabled during boot
Check current CPUs: cat /proc/cpuinfo | grep processor
Enable CPUs: echo 1 > /sys/devices/system/cpu/cpuX/online (for each offline CPU)
🧯 If You Can't Patch
- Avoid using maxcpus boot parameter that disables all CPUs in a NUMA domain
- Monitor system logs for kernel panic messages related to sched_numa_find_nth_cpu
🔍 How to Verify
Check if Vulnerable:
Check kernel version and boot parameters: uname -r and cat /proc/cmdline | grep maxcpusCheck Version:
uname -rVerify Fix Applied:
Check kernel version after update and verify no crashes occur with previously problematic configurations📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages mentioning sched_numa_find_nth_cpu
- NULL pointer dereference errors in kernel logs
- System crash during boot with maxcpus parameter
Network Indicators:
- None - local vulnerability only
SIEM Query:
source="kernel" AND ("sched_numa_find_nth_cpu" OR "NULL pointer dereference" OR "Kernel panic")