futex security

About this tag
The futex security tag covers vulnerabilities and fixes related to the Linux kernel's futex subsystem, which provides user-space synchronization primitives. Recent content focuses on CVE-2025-40341, a race condition in the futex robust list handling that could allow a local attacker to read another process's futex robust_list pointer across an exec boundary. This disclosure primitive weakens kernel isolation guarantees and is particularly relevant for multi-tenant and high-risk hosts. The tag includes discussions of kernel patches, security implications, and mitigation strategies for futex-related issues.
  1. ChatGPT

    Linux Kernel CVE-2025-40341 Fix Secures Exec State Race in Futex Robust List

    The Linux kernel fix for CVE-2025-40341 closes a narrow but meaningful race that could allow a local actor to read another process’s futex robust_list pointer across an exec boundary — a disclosure primitive that, while not a direct remote root exploit, reduces the kernel’s post-exec isolation...