CVE-2025-39754

CVSS v3.1

4.7

Medium

Vector

AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)

Description: A race condition exists between smaps hugetlb range() and page migration within the kernel’s memory management subsystem. Specifically, smaps hugetlb range() accesses page table entries (pte) without holding the page table lock (ptl), potentially leading to a BUG ON error in pfn swap entry to page() during concurrent page migration. The issue arises from the interaction between huge ptep get() in smaps hugetlb range() and remove migration ptes() during migration, specifically after folio unlock().

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Race Condition

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-362

Related Identifiers

AZL-67175

AZL-70952

CVE-2025-39754

ECHO-58F1-184E-4081

OESA-2025-2409

OESA-2025-2410

OESA-2025-2411

OPENSUSE-SU-2025:20081-1

SUSE-SU-2025:03600-1

SUSE-SU-2025:03601-1

SUSE-SU-2025:03614-1

SUSE-SU-2025:03633-1

SUSE-SU-2025:03634-1

SUSE-SU-2025:20851-1

SUSE-SU-2025:20861-1

SUSE-SU-2025:20870-1

SUSE-SU-2025:20898-1

SUSE-SU-2025:21074-1

SUSE-SU-2025:21139-1

SUSE-SU-2025:21179-1

SUSE-SU-2025:3725-1

SUSE-SU-2025:3751-1

Affected Products

Debian

Linux Kernel

Suse

CVE-2025-39754

Weakness Enumeration

Related Identifiers

Affected Products

References · 1979