CVE-2025-40218

EPSS 0.02%
Veröffentlicht 04.12.2025 14:50:41
Zuletzt bearbeitet 04.12.2025 17:15:08
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

mm/damon/vaddr: do not repeat pte_offset_map_lock() until success

DAMON's virtual address space operation set implementation (vaddr) calls
pte_offset_map_lock() inside the page table walk callback function.  This
is for reading and writing page table accessed bits.  If
pte_offset_map_lock() fails, it retries by returning the page table walk
callback function with ACTION_AGAIN.

pte_offset_map_lock() can continuously fail if the target is a pmd
migration entry, though.  Hence it could cause an infinite page table walk
if the migration cannot be done until the page table walk is finished. 
This indeed caused a soft lockup when CPU hotplugging and DAMON were
running in parallel.

Avoid the infinite loop by simply not retrying the page table walk.  DAMON
is promising only a best-effort accuracy, so missing access to such pages
is no problem.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 7

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 677ebfe5d00f94adec0c0204f6e6e2a82d3f77bf

Version 7780d04046a2288ab85d88bedacc60fa4fad9971

Status affected

Version < ac42320ec873bfe726141069cfdd90ee5bc4e885

Version 7780d04046a2288ab85d88bedacc60fa4fad9971

Status affected

Version < 0ccd91cf749536d41307a07e60ec14ab0dbf21f5

Version 7780d04046a2288ab85d88bedacc60fa4fad9971

Status affected

Version < b93af2cc8e036754c0d9970d9ddc47f43cc94b9f

Version 7780d04046a2288ab85d88bedacc60fa4fad9971

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 6.5

Status affected

Version < 6.5

Version 0

Status unaffected

Version <= 6.6.*

Version 6.6.113

Status unaffected

Version <= 6.12.*

Version 6.12.54

Status unaffected

Version <= 6.17.*

Version 6.17.4

Status unaffected

Version <= *

Version 6.18

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.02%	0.055

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/677ebfe5d00f94adec0c0204f6e6e2a82d3f77bf

https://git.kernel.org/stable/c/ac42320ec873bfe726141069cfdd90ee5bc4e885

https://git.kernel.org/stable/c/0ccd91cf749536d41307a07e60ec14ab0dbf21f5

https://git.kernel.org/stable/c/b93af2cc8e036754c0d9970d9ddc47f43cc94b9f

https://nvd.nist.gov/vuln/detail/CVE-2025-40218

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-40218

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-40218

EUVD