CVE-2025-40201: 
Linux Kernel vulnerability analysis and mitigation

A vulnerability in the Linux kernel's sysprlimit64() function was discovered and assigned CVE-2025-40201. The issue was disclosed on November 12, 2025, affecting the kernel/sys.c component. This vulnerability involves a race condition in the usage of tasklock(tsk->groupleader) in sysprlimit64() paths (NVD).

The vulnerability stems from a broken implementation in the sysprlimit64()->doprlimit() path. While sysprlimit64() obtains taskstruct(tsk), this only protects the taskstruct itself. When tsk is not the current process or leader, process exit/exec operations can lead to using an already freed taskstruct. Additionally, there's a race condition with mt-exec that modifies groupleader, potentially causing doprlimit() to take the wrong lock or experience groupleader changes between tasklock() and task_unlock() operations (NVD).

The vulnerability could lead to use-after-free conditions and race conditions in the Linux kernel, potentially affecting system stability and security. The issue is particularly concerning as it involves core kernel functionality related to process management (NVD).

The fix involves modifying sysprlimit64() to take tasklistlock when necessary. While this solution is noted as not being ideal, it was deemed the most appropriate fix for stable kernel versions (NVD).