CVE-2025-39899

EPSS 0.02%
Veröffentlicht 01.10.2025 08:15:32
Zuletzt bearbeitet 02.10.2025 19:12:17
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
Teams Watchlist Login
Unerledigt Login

In the Linux kernel, the following vulnerability has been resolved:

mm/userfaultfd: fix kmap_local LIFO ordering for CONFIG_HIGHPTE

With CONFIG_HIGHPTE on 32-bit ARM, move_pages_pte() maps PTE pages using
kmap_local_page(), which requires unmapping in Last-In-First-Out order.

The current code maps dst_pte first, then src_pte, but unmaps them in the
same order (dst_pte, src_pte), violating the LIFO requirement.  This
causes the warning in kunmap_local_indexed():

  WARNING: CPU: 0 PID: 604 at mm/highmem.c:622 kunmap_local_indexed+0x178/0x17c
  addr \!= __fix_to_virt(FIX_KMAP_BEGIN + idx)

Fix this by reversing the unmap order to respect LIFO ordering.

This issue follows the same pattern as similar fixes:
- commit eca6828403b8 ("crypto: skcipher - fix mismatch between mapping and unmapping order")
- commit 8cf57c6df818 ("nilfs2: eliminate staggered calls to kunmap in nilfs_rename")

Both of which addressed the same fundamental requirement that kmap_local
operations must follow LIFO ordering.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 6

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < b051f707018967ea8f697d790a1ed8c443f63812

Version adef440691bab824e39c1b17382322d195e1fab0

Status affected

Version < bd1ee62759d0bd4d6b909731c076c230ac89d61e

Version adef440691bab824e39c1b17382322d195e1fab0

Status affected

Version < 9614d8bee66387501f48718fa306e17f2aa3f2f3

Version adef440691bab824e39c1b17382322d195e1fab0

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 6.8

Status affected

Version < 6.8

Version 0

Status unaffected

Version <= 6.12.*

Version 6.12.46

Status unaffected

Version <= 6.16.*

Version 6.16.6

Status unaffected

Version <= *

Version 6.17

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.02%	0.044

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/9614d8bee66387501f48718fa306e17f2aa3f2f3

https://git.kernel.org/stable/c/b051f707018967ea8f697d790a1ed8c443f63812

https://git.kernel.org/stable/c/bd1ee62759d0bd4d6b909731c076c230ac89d61e

https://nvd.nist.gov/vuln/detail/CVE-2025-39899

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-39899

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-39899

EUVD