PT-2025-27687 · Linux+6 · Linux Kernel+6
Published
2025-02-26
·
Updated
2026-04-20
·
CVE-2025-38100
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions:
Linux kernel (affected versions not specified)
Description:
A vulnerability in the Linux kernel has been resolved, related to TIF IO BITMAP inconsistencies. The issue occurs when io bitmap exit() invokes task update io bitmap(), which can lead to a NULL pointer dereference. This happens in two scenarios: when io bitmap exit() is called during cleanup after a failed fork() and when a kernel thread is created with TIF IO BITMAP set but no bitmap installed. The problem is solved by adding missing cleanups and checks, including preventing io bitmap exit() from invoking task update io bitmap() for non-current tasks and clearing TIF IO BITMAP in copy thread().
Recommendations:
To resolve the issue, apply the patches that add the missing cleanups and checks, specifically:
- Prevent io bitmap exit() from invoking task update io bitmap() if the task to be cleaned up is not the current task.
- Clear TIF IO BITMAP in copy thread() unconditionally to prevent inconsistent state. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
NULL Pointer Dereference
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu