CVE-2025-38008

EPSS 0.05%
Veröffentlicht 18.06.2025 09:28:19
Zuletzt bearbeitet 17.11.2025 12:56:52
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

mm/page_alloc: fix race condition in unaccepted memory handling

In the Linux kernel, the following vulnerability has been resolved:

mm/page_alloc: fix race condition in unaccepted memory handling

The page allocator tracks the number of zones that have unaccepted memory
using static_branch_enc/dec() and uses that static branch in hot paths to
determine if it needs to deal with unaccepted memory.

Borislav and Thomas pointed out that the tracking is racy: operations on
static_branch are not serialized against adding/removing unaccepted pages
to/from the zone.

Sanity checks inside static_branch machinery detects it:

WARNING: CPU: 0 PID: 10 at kernel/jump_label.c:276 __static_key_slow_dec_cpuslocked+0x8e/0xa0

The comment around the WARN() explains the problem:

	/*
	 * Warn about the '-1' case though; since that means a
	 * decrement is concurrent with a first (0->1) increment. IOW
	 * people are trying to disable something that wasn't yet fully
	 * enabled. This suggests an ordering problem on the user side.
	 */

The effect of this static_branch optimization is only visible on
microbenchmark.

Instead of adding more complexity around it, remove it altogether.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 7

NVD 9 VulnDex Vulnerability Enrichment 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 6.5 < 6.6.92

Linux ≫ Linux Kernel Version >= 6.7 < 6.12.30

Linux ≫ Linux Kernel Version >= 6.13 < 6.14.8

Linux ≫ Linux Kernel Version6.15 Updaterc1

Linux ≫ Linux Kernel Version6.15 Updaterc2

Linux ≫ Linux Kernel Version6.15 Updaterc3

Linux ≫ Linux Kernel Version6.15 Updaterc4

Linux ≫ Linux Kernel Version6.15 Updaterc5

Linux ≫ Linux Kernel Version6.15 Updaterc6

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.05%	0.154

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.7	1	3.6	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.

https://git.kernel.org/stable/c/98fdd2f612e949c652693f6df00442c81037776d

Patch

https://git.kernel.org/stable/c/74953f93f47a45296cc2a3fd04e2a3202ff3fa53

Patch

https://git.kernel.org/stable/c/71dda1cb10702dc2859f00eb789b0502de2176a9

Patch

https://git.kernel.org/stable/c/fefc075182275057ce607effaa3daa9e6e3bdc73

Patch

https://nvd.nist.gov/vuln/detail/CVE-2025-38008

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-38008

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-38008

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2025-38008