CVE-2025-39813

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> ftrace: Fix potential warning in trace_printk_seq during ftrace_dump<br /> <br /> When calling ftrace_dump_one() concurrently with reading trace_pipe,<br /> a WARN_ON_ONCE() in trace_printk_seq() can be triggered due to a race<br /> condition.<br /> <br /> The issue occurs because:<br /> <br /> CPU0 (ftrace_dump) CPU1 (reader)<br /> echo z &gt; /proc/sysrq-trigger<br /> <br /> !trace_empty(&amp;iter)<br /> trace_iterator_reset(&amp;iter) = s-&gt;seq.size)<br /> <br /> In the context between trace_empty() and trace_find_next_entry_inc()<br /> during ftrace_dump, the ring buffer data was consumed by other readers.<br /> This caused trace_find_next_entry_inc to return NULL, failing to populate<br /> `iter.seq`. At this point, due to the prior trace_iterator_reset, both<br /> `iter.seq.len` and `iter.seq.size` were set to 0. Since they are equal,<br /> the WARN_ON_ONCE condition is triggered.<br /> <br /> Move the trace_printk_seq() into the if block that checks to make sure the<br /> return value of trace_find_next_entry_inc() is non-NULL in<br /> ftrace_dump_one(), ensuring the &amp;#39;iter.seq&amp;#39; is properly populated before<br /> subsequent operations.