CVE-2025-39754 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: mm/smaps: fix race between smaps_hugetlb_range and migration smaps_hugetlb_range() handles the pte without holdling ptl, and may be concurrenct with migration, leaing to BUG_ON in pfn_swap_entry_to_page(). The race is as follows. smaps_hugetlb_range migrate_pages huge_ptep_get remove_migration_ptes folio_unlock pfn_swap_entry_folio BUG_ON To fix it, hold ptl lock in smaps_hugetlb_range().

PUBLISHED Reserved 2025-04-16 | Published 2025-09-11 | Updated 2025-09-29 | Assigner Linux

Product status

Default status

unaffected

25ee01a2fca02dfb5a3ce316e77910c468108199 (git) before 2a1f3663974162b8f1e098196f557cfc1d160138

affected

25ee01a2fca02dfb5a3ce316e77910c468108199 (git) before 09fc018f48871123ad5dbd7b03c956580232ed76

affected

25ee01a2fca02dfb5a3ce316e77910c468108199 (git) before b625883ccbcc2b57808db51d1375b1d7b9bcb3e5

affected

25ee01a2fca02dfb5a3ce316e77910c468108199 (git) before 45d19b4b6c2d422771c29b83462d84afcbb33f01

affected

Default status

affected

4.4

affected

Any version before 4.4

unaffected

6.12.43 (semver)

unaffected

6.15.11 (semver)

unaffected

6.16.2 (semver)

unaffected

6.17 (original_commit_for_fix)

unaffected

References

git.kernel.org/...c/2a1f3663974162b8f1e098196f557cfc1d160138

git.kernel.org/...c/09fc018f48871123ad5dbd7b03c956580232ed76

git.kernel.org/...c/b625883ccbcc2b57808db51d1375b1d7b9bcb3e5

git.kernel.org/...c/45d19b4b6c2d422771c29b83462d84afcbb33f01

cve.org (CVE-2025-39754)

nvd.nist.gov (CVE-2025-39754)

Download JSON

help @ threatint.eu