CVE-2025-38434

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A flaw was identified in the Linux kernel related to the access ok() function and TASK SIZE MAX definition. A previous commit attempted to optimize access ok() by setting TASK SIZE MAX to LONG MAX, but this allowed invalid user addresses between TASK SIZE and LONG MAX to pass validation. This issue impacted functions like get user pages fast(), potentially leading to problems with functions such as futex(). The commit has been reverted, restoring TASK SIZE MAX to its default value of TASK SIZE to ensure correctness, although this reduces performance.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.