
Cloud Vulnerability DB
A community-led vulnerabilities database
CVE-2025-39749 is a vulnerability discovered in the Linux kernel affecting systems built with CONFIG_IRQ_WORK=y. The vulnerability was disclosed on September 11, 2025, and involves a data race condition in the RCU (Read-Copy-Update) subsystem (NVD).
The vulnerability occurs when rcu_read_unlock() is invoked within an interrupts-disabled region of code. In this scenario, it calls rcu_read_unlock_special(), which uses an irq-work handler to force the system to notice when the RCU read-side critical section ends. The issue specifically affects the per-CPU rcu_data structure's ->defer_qs_iw_pending field, which is updated by both the irq-work handler and rcu_read_unlock_special(), leading to a data race condition. This race condition was detected by KCSAN (Kernel Concurrency Sanitizer) (NVD).
The vulnerability affects Linux kernel systems using the RCU subsystem with specific configurations. The issue is particularly relevant for kernels booted with rcutree.use_softirq=y, where the irq-work handler is used unconditionally (NVD).
The issue has been resolved by disabling interrupts across the portion of the rcu_preempt_deferred_qs_handler() that updates the ->defer_qs_iw_pending field. This solution was deemed appropriate as this handler is not on a critical performance path (NVD).
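The shape of that fix, as an added userspace model that is neither kernel code nor the upstream patch: a POSIX signal stands in for the interrupt, and sigprocmask() stands in for the kernel's interrupt-disable primitives such as local_irq_save()/local_irq_restore(). The names fake_irq, run_handler, in_update and raced are hypothetical, and the interrupt's access to the field is simplified.

```c
/* Added userspace model, not kernel code: a POSIX signal stands in for an
 * interrupt, sigprocmask() for local_irq_save()/local_irq_restore(). */
#define _POSIX_C_SOURCE 200809L
#include <signal.h>
#include <stdbool.h>
#include <stdio.h>

static volatile sig_atomic_t defer_qs_iw_pending; /* models the rcu_data field */
static volatile sig_atomic_t in_update; /* instrumentation: handler is mid-update */
static volatile sig_atomic_t raced;     /* instrumentation: irq ran mid-update */

/* Simplified stand-in for an interrupt that reaches rcu_read_unlock_special():
 * it reads the field and may set it. */
static void fake_irq(int sig)
{
    (void)sig;
    if (in_update)
        raced = 1;
    if (!defer_qs_iw_pending)
        defer_qs_iw_pending = 1;
}

/* Models the irq-work handler clearing the field while an interrupt arrives.
 * Returns true if the interrupt touched the field inside the update region. */
static bool run_handler(bool mask_irqs)
{
    struct sigaction sa = { .sa_handler = fake_irq };
    sigset_t irq, saved;

    sigaction(SIGUSR1, &sa, NULL);
    sigemptyset(&irq);
    sigaddset(&irq, SIGUSR1);
    raced = 0;
    defer_qs_iw_pending = 1;
    if (mask_irqs)
        sigprocmask(SIG_BLOCK, &irq, &saved);   /* local_irq_save(flags) */
    in_update = 1;
    raise(SIGUSR1);                 /* interrupt fires during the update */
    defer_qs_iw_pending = 0;        /* the handler's store */
    in_update = 0;
    if (mask_irqs)
        sigprocmask(SIG_SETMASK, &saved, NULL); /* local_irq_restore(flags) */
    return raced != 0;
}

int main(void)
{
    printf("overlap: unmasked=%d masked=%d\n", run_handler(false), run_handler(true));
    return 0;
}
```

With masking, the signal stays pending until the mask is restored, so the modelled interrupt only sees the field after the handler's store has completed.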
Source: This report was generated using AI