CVE-2025-38359

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux Kernel versions 6.16.0-20250531.rc0.git0.69b3a602feac.63.fc42.s390x+debug and earlier.

Description A flaw exists in the Linux kernel related to handling in atomic() within the do secure storage access() function. User space accesses to non-exported pages in atomic context can lead to incorrect page fault resolution, potentially resulting in a kernel bug. Debug options may reveal call traces indicating a sleeping function being called from an invalid context. The issue arises because taking the mmap lock is not permitted while in atomic context.

Recommendations Update to a newer version of the Linux Kernel to address this issue.

Exploit

Fix

Improper Locking

Memory Leak

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-667CWE-401

Related Identifiers

AZL-65759

BDU:2025-16075

CVE-2025-38359

ECHO-EABB-9A32-0D7D

OPENSUSE-SU-2025:20081-1

SUSE-SU-2025:21074-1

SUSE-SU-2025:21139-1

SUSE-SU-2025:21179-1

SUSE-SU-2025:4393-1

SUSE-SU-2025:4422-1

SUSE-SU-2025:4505-1

SUSE-SU-2025:4516-1

SUSE-SU-2025:4517-1

SUSE-SU-2025:4521-1

SUSE-SU-2026:20039-1

SUSE-SU-2026:20059-1

SUSE-SU-2026:20473-1

SUSE-SU-2026:20496-1

USN-7833-1

USN-7833-2

USN-7833-3

USN-7833-4

USN-7834-1

USN-7856-1

Affected Products

Debian

Linux Kernel

Linuxmint

Suse

Ubuntu

CVE-2025-38359

Weakness Enumeration

Related Identifiers

Affected Products

References · 1640