CVE-2025-21907

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.13.0-rc1-00018-gacdb4bbda7ab

Description The vulnerability resides in the Linux kernel within the do migrate range() function (mm/memory hotplug.c) and the get hwpoison page(), unmap poisoned folio(), and hwpoison user mappings() functions (mm/memory-failure.c). It is related to improper resource management. The issue involves two bugs during folio migration when a folio is poisoned. A patch series "mm: memory failure: unmap poisoned folio during migrate properly", version 3, addresses these issues by updating the ttu flag inside unmap poisoned folio(). The commit 6da6b1d4a7df introduced TTU HWPOISON to prevent sending SIGBUS signals when accessing an error page after a memory error on a clean folio. However, during page migration, the anon folio needed to be set with TTU HWPOISON during unmap operations. The fix moves the policy from hwpoison user mappings to unmap poisoned folio to handle this warning correctly.

Recommendations Upgrade to Linux kernel version 6.13.0-rc1-00018-gacdb4bbda7ab or a later version to address this issue.