CVE-2025-40024

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> vhost: Take a reference on the task in struct vhost_task.<br /> <br /> vhost_task_create() creates a task and keeps a reference to its<br /> task_struct. That task may exit early via a signal and its task_struct<br /> will be released.<br /> A pending vhost_task_wake() will then attempt to wake the task and<br /> access a task_struct which is no longer there.<br /> <br /> Acquire a reference on the task_struct while creating the thread and<br /> release the reference while the struct vhost_task itself is removed.<br /> If the task exits early due to a signal, then the vhost_task_wake() will<br /> still access a valid task_struct. The wake is safe and will be skipped<br /> in this case.