CVE-2025-38195

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)

Description: A panic in the Linux kernel has been resolved, specifically related to the LoongArch architecture. The issue occurs when a NULL-PMD is encountered in the huge pte offset() function, leading to a kernel paging request error. The error is characterized by a call trace that includes functions such as huge pte offset(), hugetlb follow page mask(), and sys madvise(). In some cases, the pmd may be NULL, and the code relies on this NULL value for processing, necessitating a check for this situation.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Unchecked Return Value

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-252

Related Identifiers

BDU:2025-13473

CVE-2025-38195

ECHO-AAAF-9029-AEF6

MGASA-2025-0218

MGASA-2025-0219

OESA-2025-1823

OESA-2025-1824

OESA-2025-1870

Affected Products

Astra Linux

Debian

Linux Kernel

CVE-2025-38195

Weakness Enumeration

Related Identifiers

Affected Products

References · 100