CVE-2025-31173

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Apr 7, 2025

CWE ID 280

Summary

CVE-2025-31173 is a memory write permission bypass vulnerability discovered in the Linux kernel's futex module. This issue allows an attacker to bypass memory write permissions, potentially compromising the confidentiality of running services. The futex (Fast User Space Emulation of Test and Set) module is used for interprocess synchronization, making it a particularly attractive target for attackers seeking to gain unauthorized access to sensitive data. Successful exploitation of this vulnerability could lead to significant security risks, underscoring the importance of prompt patching and system hardening.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

HarmonyOS

Affected Vendors

Huawei Technologies

Advisories, Assessments, and Mitigations

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Measuring the US-China AI Gap

TerraStealerV2 and TerraLogger: Golden Chickens' New Malware Families Discovered

Uncovering MintsLoader With Recorded Future Malware Intelligence Hunting

Know What Matters

For Customers

For Partners