CVE-2025-38510 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: kasan: remove kasan_find_vm_area() to prevent possible deadlock find_vm_area() couldn't be called in atomic_context. If find_vm_area() is called to reports vm area information, kasan can trigger deadlock like: CPU0 CPU1 vmalloc(); alloc_vmap_area(); spin_lock(&vn->busy.lock) spin_lock_bh(&some_lock); <interrupt occurs> <in softirq> spin_lock(&some_lock); <access invalid address> kasan_report(); print_report(); print_address_description(); kasan_find_vm_area(); find_vm_area(); spin_lock(&vn->busy.lock) // deadlock! To prevent possible deadlock while kasan reports, remove kasan_find_vm_area().

PUBLISHED Reserved 2025-04-16 | Published 2025-08-16 | Updated 2025-08-16 | Assigner Linux

Product status

Default status

unaffected

c056a364e9546bd513d1f5205f0ee316d8acb910 before 595f78d99b9051600233c0a5c4c47e1097e6ed01

affected

c056a364e9546bd513d1f5205f0ee316d8acb910 before 8377d7744bdce5c4b3f1b58924eebd3fdc078dfc

affected

c056a364e9546bd513d1f5205f0ee316d8acb910 before 2d89dab1ea6086e6cbe6fe92531b496fb6808cb9

affected

c056a364e9546bd513d1f5205f0ee316d8acb910 before 0c3566d831def922cd56322c772a7b20d8b0e0c0

affected

c056a364e9546bd513d1f5205f0ee316d8acb910 before 6ee9b3d84775944fb8c8a447961cd01274ac671c

affected

Default status

affected

5.18

affected

Any version before 5.18

unaffected

6.1.146

unaffected

6.6.99

unaffected

6.12.39

unaffected

6.15.7

unaffected

6.16

unaffected

References

git.kernel.org/...c/595f78d99b9051600233c0a5c4c47e1097e6ed01

git.kernel.org/...c/8377d7744bdce5c4b3f1b58924eebd3fdc078dfc

git.kernel.org/...c/2d89dab1ea6086e6cbe6fe92531b496fb6808cb9

git.kernel.org/...c/0c3566d831def922cd56322c772a7b20d8b0e0c0

git.kernel.org/...c/6ee9b3d84775944fb8c8a447961cd01274ac671c

cve.org (CVE-2025-38510)

nvd.nist.gov (CVE-2025-38510)

Download JSON

help @ threatint.eu