PT-2025-27290 · Linux+7 · Linux Kernel+7
Published: 2025-06-06 · Updated: 2026-04-20 · CVE-2025-38084
CVSS v3.1: 5.5 (Medium)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions:
Linux kernel versions prior to the version containing the fix for this issue
Description:
The issue is related to the Linux kernel's handling of huge page tables during VMA split. The problem arises because the __split_vma() function triggers hugetlb page table unsharing too early, before the VMA lock and rmap locks are taken. This allows racing VMA-locked page faults and racing rmap walks from other processes to cause page tables to be shared again before the split is performed. The fix involves explicitly calling the hugetlb unshare logic from __split_vma() when both the VMA and the rmap(s) are write-locked.
Recommendations:
For Linux kernel versions prior to the fixed version, consider applying the patch that fixes the racy protection introduced in commit b30c14cd6102. No specific temporary workaround is mentioned, but ensuring that the VMA and rmap locks are properly handled during VMA split can help minimize the risk of exploitation.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Information Disclosure
Weakness Enumeration
Related Identifiers
Affected Products
Almalinux
Debian
Linuxmint
Linux Kernel
Red Hat
Red Os
Suse
Ubuntu