PT-2025-27982 · Linux+1 · Linux Kernel+1

Published: 2025-05-29 · Updated: 2026-05-26 · CVE-2025-38207

CVSS v3.1: 5.5 (Medium)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to the fixed version
Description: A vulnerability in the uprobe functionality of the Linux kernel's mm module has been resolved. When a vma (virtual memory area) is expanded, the uprobe pte (page table entry) is overwritten, leaving an orphan pte. The problem was first found in linux-6.6.y and also exists in the community syzkaller. It can be reproduced by registering a uprobe on a file at zero offset, mapping the file, and then remapping part of the vma to a new location.
Recommendations: For Linux kernel versions prior to the fixed version, consider applying the patch series "Fix uprobe pte be overwritten when expanding vma" to resolve the issue. As a temporary workaround, avoid using the uprobe functionality on files at zero offset to minimize the risk of exploitation. Restricting access to the mm module also reduces that risk. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Related Identifiers

BDU:2025-15459
CVE-2025-38207
ECHO-2C8A-A987-7E55
OESA-2025-1959
OESA-2025-1960
OESA-2025-1961

Affected Products

Debian
Linux Kernel