CVE-2025-38242

CVSS v3.1

4.7

Medium

Vector

AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)

Description: The Linux kernel contains a race condition within the userfaultfd move function when handling swap cache operations. This issue arises from a lockless swap cache lookup, potentially leading to the movement of an incorrect folio or corruption of the RSS counter. The vulnerability occurs when a folio is swapped in and out using the same swap entry concurrently with a userfaultfd move operation. Specifically, the filemap get folio function may return an incorrect folio or NULL, leading to the potential for moving an invalid folio or accounting errors. The race window is narrow, requiring multiple rare event collisions, but can be reproduced with a deliberately constructed reproducer.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Allocation of Resources Without Limits

Race Condition

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-770CWE-362

Related Identifiers

BDU:2025-09166

CVE-2025-38242

OPENSUSE-SU-2025:20081-1

SUSE-SU-2025:21074-1

SUSE-SU-2025:21139-1

SUSE-SU-2025:21179-1

USN-7833-1

USN-7833-2

USN-7833-3

USN-7833-4

USN-7834-1

USN-7856-1

Affected Products

Astra Linux

Linuxmint

Linux Kernel

Red Os

Suse

Ubuntu

CVE-2025-38242

Weakness Enumeration

Related Identifiers

Affected Products

References · 1468