CVE-2025-38447

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains an issue in the mm/rmap module related to out-of-bounds page table access during batched unmap operations within the try to unmap one() function. This occurs when handling large folios with PTE mappings that are not fully contained within a single page table. The vulnerability is triggered by the batched unmap logic, potentially allowing a read past the end of a PTE table. The issue was identified by David and addressed by refactoring the logic into a new helper function, folio unmap pte batch(), which correctly calculates a safe batch size based on VMA and PMD boundaries.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.