PT-2025-33753 · Linux+2 · Linux Kernel+2

Jann Horn · Published 2025-07-28 · Updated 2026-01-26 · CVE-2025-38554

CVSS v3.1: 7.8 (High)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)
Description: The Linux kernel contains a use-after-free (UAF) issue within the memory management subsystem. This flaw occurs when a virtual memory area's (VMA) mm pointer is freed after the VMA's reference count (vm_refcnt) has been dropped. A race condition can occur where a VMA is recycled and subsequently accessed with a stale mm pointer, leading to a UAF. The issue arises from a mismatch in the timing of reference count decrements and VMA recycling, potentially triggered by operations like mmap and munmap. Specifically, lock_vma_under_rcu() can detect a mismatched vm_mm pointer after the VMA has been recycled, leading to a call to vma_refcount_put(), which then incorrectly attempts to wake up a waiting process using the freed memory.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Use After Free

NULL Pointer Dereference

Weakness Enumeration

Related Identifiers

BDU:2025-14103
CVE-2025-38554
OPENSUSE-SU-2025:20081-1
SUSE-SU-2025:21074-1
SUSE-SU-2025:21139-1
SUSE-SU-2025:21179-1
SUSE-SU-2026:20149-1
SUSE-SU-2026:20164-1
SUSE-SU-2026:20169-1

Affected Products

Astra Linux
Linux Kernel
Suse