CVE-2025-38029

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.15.0-rc5

Description A vulnerability in the Linux kernel has been resolved, related to sleepable page allocation from atomic context. The apply to pte range() function enters the lazy MMU mode and invokes the kasan populate vmalloc pte() callback on each page table walk iteration. However, the callback can go into sleep when trying to allocate a single page. This issue can cause a crash, as seen in the s390 architecture when arch enter lazy mmu mode() and arch leave lazy mmu mode() are called.

Recommendations For Linux kernel versions prior to 6.15.0-rc5, consider updating to a newer version to resolve the issue. As a temporary workaround, consider disabling the kasan populate vmalloc pte() callback until a patch is available. Restrict access to the vulnerable apply to pte range() function to minimize the risk of exploitation.

Note: At the moment, there is no information about a newer version that contains a fix for this vulnerability, other than updating to a version after 6.15.0-rc5.