-
CVE-2025-38510
- EPSS 0.03%
- Veröffentlicht 16.08.2025 10:54:52
- Zuletzt bearbeitet 18.08.2025 20:16:28
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- Teams Watchlist Login
- Unerledigt Login
In the Linux kernel, the following vulnerability has been resolved:
kasan: remove kasan_find_vm_area() to prevent possible deadlock
find_vm_area() couldn't be called in atomic_context. If find_vm_area() is
called to reports vm area information, kasan can trigger deadlock like:
CPU0 CPU1
vmalloc();
alloc_vmap_area();
spin_lock(&vn->busy.lock)
spin_lock_bh(&some_lock);
<interrupt occurs>
<in softirq>
spin_lock(&some_lock);
<access invalid address>
kasan_report();
print_report();
print_address_description();
kasan_find_vm_area();
find_vm_area();
spin_lock(&vn->busy.lock) // deadlock!
To prevent possible deadlock while kasan reports, remove kasan_find_vm_area().Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung. Login
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerLinux
≫
Produkt
Linux
Default Statusunaffected
Version <
595f78d99b9051600233c0a5c4c47e1097e6ed01
Version
c056a364e9546bd513d1f5205f0ee316d8acb910
Status
affected
Version <
8377d7744bdce5c4b3f1b58924eebd3fdc078dfc
Version
c056a364e9546bd513d1f5205f0ee316d8acb910
Status
affected
Version <
2d89dab1ea6086e6cbe6fe92531b496fb6808cb9
Version
c056a364e9546bd513d1f5205f0ee316d8acb910
Status
affected
Version <
0c3566d831def922cd56322c772a7b20d8b0e0c0
Version
c056a364e9546bd513d1f5205f0ee316d8acb910
Status
affected
Version <
6ee9b3d84775944fb8c8a447961cd01274ac671c
Version
c056a364e9546bd513d1f5205f0ee316d8acb910
Status
affected
HerstellerLinux
≫
Produkt
Linux
Default Statusaffected
Version
5.18
Status
affected
Version <
5.18
Version
0
Status
unaffected
Version <=
6.1.*
Version
6.1.146
Status
unaffected
Version <=
6.6.*
Version
6.6.99
Status
unaffected
Version <=
6.12.*
Version
6.12.39
Status
unaffected
Version <=
6.15.*
Version
6.15.7
Status
unaffected
Version <=
*
Version
6.16
Status
unaffected
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.03% | 0.056 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|