CVE-2025-38563

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)

Description: The perf mmap code does not prevent Virtual Memory Area (VMA) splits caused by resizing or partial unmapping of a mapping. This can lead to reference count leaks in perf mmap open() and perf mmap close() calls, as subsequent calls do not fulfill offset and size checks. The issue occurs because the initial mapping's offset and size must match for subsequent mappings, and VMA splits violate this requirement. The vm operations struct::may split() callback is implemented to return -EINVAL, preventing VMA splits and ensuring mapping offsets and sizes remain unchanged after initial mapping.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.