cve 2025 40341

CVE-2025-40341 is a Linux kernel vulnerability that involves a race condition in the futex robust list handling during process exec. The flaw could allow a local attacker to read another process's futex robust_list pointer across an exec boundary, reducing post-exec isolation guarantees. While not a direct remote root exploit, it poses a risk on multi-tenant and high-risk hosts. The fix addresses the race by securing the exec state, ensuring that robust list pointers are properly cleared or protected during exec. This vulnerability is relevant for Linux system administrators and security professionals managing kernel updates, particularly in environments where local privilege escalation or information disclosure is a concern.