PT-2025-35954 · Linux · Linux Kernel
Published
2025-09-04
·
Updated
2025-09-04
·
CVE-2025-38681
None
Name of the Vulnerable Software and Affected Versions:
Linux kernel (affected versions not specified)
Description:
The Linux kernel contains a flaw in the `mm/ptdump` component where the code can race with concurrent modifications of kernel page tables. Specifically, when intermediate levels of kernel page tables are freed, the dump code may dereference bogus addresses, potentially leading to issues. This occurs during memory hot remove operations and when checking for pages marked with write and execute permissions via the `/sys/kernel/debug/kernel page tables/check wx pages` interface, which calls the `ptdump check wx()` function. The issue is addressed by moving the memory hotplug lock inside the generic `ptdump check wx()` function.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Related Identifiers
Affected Products
References · 10
- https://nvd.nist.gov/vuln/detail/CVE-2025-38681 · Security Note
- https://git.kernel.org/stable/c/ca8c414499f2e5337a95a76be0d21b728ee31c6b · Note
- https://twitter.com/CVEnew/status/1963644661085393100 · Twitter Post
- https://git.kernel.org/stable/c/ff40839e018b82c4d756d035f34a63aa2d93be83 · Note
- https://git.kernel.org/stable/c/69bea84b06b5e779627e7afdbf4b60a7d231c76f · Note
- https://git.kernel.org/stable/c/ac25ec5fa2bf6e606dc7954488e4dded272fa9cd · Note
- https://git.kernel.org/stable/c/1636b5e9c3543b87d673e32a47e7c18698882425 · Note
- https://git.kernel.org/stable/c/67995d4244694928ce701928e530b5b4adeb17b4 · Note
- https://git.kernel.org/stable/c/3ee9a8c27bfd72c3f465004fa8455785d61be5e8 · Note
- https://git.kernel.org/stable/c/59305202c67fea50378dcad0cc199dbc13a0e99a · Note