CVE-2025-38686 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: userfaultfd: fix a crash in UFFDIO_MOVE when PMD is a migration entry When UFFDIO_MOVE encounters a migration PMD entry, it proceeds with obtaining a folio and accessing it even though the entry is swp_entry_t. Add the missing check and let split_huge_pmd() handle migration entries. While at it also remove unnecessary folio check. [surenb@google.com: remove extra folio check, per David]

PUBLISHED Reserved 2025-04-16 | Published 2025-09-04 | Updated 2025-09-29 | Assigner Linux

Product status

Default status

unaffected

adef440691bab824e39c1b17382322d195e1fab0 (git) before bb81c18dbd42650c844e160cafa7cbb20243a96a

affected

adef440691bab824e39c1b17382322d195e1fab0 (git) before 1202abad7a7ccd28c426d2844771a387b07629a4

affected

adef440691bab824e39c1b17382322d195e1fab0 (git) before 7f1101a0a181243ad587ececdffc4845f035549f

affected

adef440691bab824e39c1b17382322d195e1fab0 (git) before aba6faec0103ed8f169be8dce2ead41fcb689446

affected

Default status

affected

6.8

affected

Any version before 6.8

unaffected

6.12.43 (semver)

unaffected

6.15.11 (semver)

unaffected

6.16.2 (semver)

unaffected

6.17 (original_commit_for_fix)

unaffected

References

git.kernel.org/...c/bb81c18dbd42650c844e160cafa7cbb20243a96a

git.kernel.org/...c/1202abad7a7ccd28c426d2844771a387b07629a4

git.kernel.org/...c/7f1101a0a181243ad587ececdffc4845f035549f

git.kernel.org/...c/aba6faec0103ed8f169be8dce2ead41fcb689446

cve.org (CVE-2025-38686)

nvd.nist.gov (CVE-2025-38686)

Download JSON

help @ threatint.eu