CVE-2025-39909

5.5 MEDIUM

📋 TL;DR

A divide-by-zero vulnerability in the Linux kernel's DAMON LRU_SORT module allows local attackers to trigger a kernel panic by setting certain parameters to zero. This affects systems running vulnerable Linux kernel versions with DAMON modules enabled. The vulnerability requires local access to configure DAMON parameters.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Specific versions with vulnerable DAMON LRU_SORT implementation (check git commits for exact ranges)
Operating Systems: Linux distributions using affected kernel versions
Default Config Vulnerable: ✅ No
Notes: Only vulnerable when DAMON LRU_SORT module is enabled and configured. Default configurations may not expose the vulnerability.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

⚠️ Risk & Real-World Impact

🔴

Worst Case

Local denial of service causing kernel panic and system crash, potentially leading to data loss or service disruption.

🟠

Likely Case

Local denial of service causing system instability or crash when malicious users manipulate DAMON parameters.

🟢

If Mitigated

Minimal impact if DAMON modules are disabled or proper parameter validation is in place.

🌐 Internet-Facing: LOW - Requires local access to exploit, not directly reachable from network.
🏢 Internal Only: MEDIUM - Local users or processes with DAMON configuration access can cause denial of service.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires local access and ability to set DAMON parameters. No public exploits known at this time.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Kernel versions containing commits: 326a4b3750c71af3f3c52399ec4dbe33b6da4c26, 711f19dfd783ffb37ca4324388b9c4cb87e71363, 74e391f7da7d9d5235a3cca88ee9fc18f720c75b, 7bb675c9f0257840d33e5d1337d7e3afdd74a6bf, af0ae62b935317bed1a1361c8c9579db9d300e70

Vendor Advisory: https://git.kernel.org/stable/c/326a4b3750c71af3f3c52399ec4dbe33b6da4c26

Restart Required: Yes

Instructions:

1. Update the Linux kernel to a patched version from your distribution's repositories.
2. Reboot the system to load the new kernel.
3. Verify that the kernel version matches the patched release.

🔧 Temporary Workarounds

Disable DAMON LRU_SORT module

linux

Prevent exploitation by disabling the vulnerable DAMON LRU_SORT module

echo 0 > /sys/module/damon_lru_sort/parameters/enabled

Restrict DAMON parameter access

linux

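Limit access to the DAMON configuration files to prevent malicious parameter changes. Permissions set on sysfs files do not persist across reboots, so reapply them at boot.

chmod 600 /sys/module/damon_lru_sort/parameters/*
chown root:root /sys/module/damon_lru_sort/parameters/*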

🧯 If You Can't Patch

  • Disable the DAMON LRU_SORT module through its module parameters in sysfs
  • Implement strict access controls on the /sys/module/damon_lru_sort/parameters/ directory

🔍 How to Verify

Check if Vulnerable:

Check whether DAMON LRU_SORT is enabled: cat /sys/module/damon_lru_sort/parameters/enabled. If it returns Y and the kernel version is unpatched, the system is vulnerable.

Check Version:

uname -r

Verify Fix Applied:

Verify that the running kernel includes the fix commits, then test parameter validation on a non-production system by attempting to set sample_interval=0 (this should return an error).
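
The exposure check above as a script, an added example that is not part of the original advisory: it reads the module's enabled and sample_interval parameters and reports the state. The default directory /sys/module/damon_lru_sort/parameters is an assumption taken from the kernel's DAMON_LRU_SORT documentation, and damon_lru_sort_state is a name chosen for this example.

```shell
#!/bin/sh
# Added example: report whether DAMON_LRU_SORT is present, enabled, and
# carrying a zero sample_interval. Reads only; run as root on a live system,
# because the parameter files are normally readable by root alone.

# $1 = parameter directory (assumed default shown; override for testing).
damon_lru_sort_state() {
    dir="${1:-/sys/module/damon_lru_sort/parameters}"

    # DAMON_LRU_SORT not built into this kernel: nothing to configure.
    [ -d "$dir" ] || { echo "absent"; return 0; }

    enabled=$(cat "$dir/enabled" 2>/dev/null | tr -d '[:space:]')
    interval=$(cat "$dir/sample_interval" 2>/dev/null | tr -d '[:space:]')

    # Boolean module parameters read back as Y/N; accept 1/0 as well.
    case "$enabled" in
        Y|y|1) state="enabled" ;;
        N|n|0) state="disabled" ;;
        *)     echo "unknown"; return 0 ;;   # unreadable or unexpected value
    esac

    # sample_interval=0 is the value the verification step expects a patched
    # kernel to reject; report it even when the module is disabled.
    if [ "$interval" = "0" ]; then
        echo "$state,zero-interval"
    else
        echo "$state"
    fi
}

damon_lru_sort_state
```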

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic logs mentioning divide error or DAMON
  • System crash/reboot events without clear cause

Network Indicators:

  • None - local vulnerability only

SIEM Query:

source="kernel" AND ("divide error" OR "DAMON" OR "lru_sort")
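
The query above matches any kernel line that mentions DAMON, crash or not. As an added example (not part of the original advisory), the script below reports only a "divide error" header that is followed within a few lines by a DAMON or lru_sort frame. The log excerpt is constructed, and scan_damon_divide_error and its 15-line window are assumptions of this example.

```shell
#!/bin/sh
# Added example: correlate a "divide error" oops header with a DAMON frame
# that follows it, instead of alerting on any single keyword.

# Constructed kernel log excerpt (not captured from a real system).
sample_log() {
    cat <<'EOF'
[ 1042.101] divide error: 0000 [#1] PREEMPT SMP NOPTI
[ 1042.102] CPU: 3 PID: 2211 Comm: sh Not tainted <kernel-version> #1
[ 1042.103] RIP: 0010:damon_lru_sort_apply_parameters+0x4a/0x120
[ 2000.500] damon: constructed informational message, no crash
[ 3000.000] divide error: 0000 [#2] PREEMPT SMP NOPTI
[ 3000.001] RIP: 0010:unrelated_driver_fn+0x10/0x40
EOF
}

# Reads kernel log text on stdin. Prints "<line-number>: <matching line>" for
# each DAMON/lru_sort line seen within $1 lines (default 15) after a
# "divide error" header. Keyword-only lines produce no output.
scan_damon_divide_error() {
    awk -v win="${1:-15}" '
        /divide error/ { hdr = NR; next }
        hdr && NR - hdr <= win && tolower($0) ~ /damon|lru_sort/ {
            printf "%d: %s\n", NR, $0
            hdr = 0          # one finding per oops header
        }
    '
}

sample_log | scan_damon_divide_error
```

On a live host the same function can read `dmesg` or `journalctl -k` output on stdin.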
