PT-2025-39140 · Linux+7 · Linux Kernel+7

Published: 2025-08-28 · Updated: 2026-05-07 · CVE-2025-39883

CVSS v3.1: 7.1 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to 6.10.0-rc1-00195-g148743902568

Description

The Linux kernel contains a flaw in the memory management subsystem related to handling poisoned memory pages. Specifically, the unpoison_memory() function incorrectly checks page flags, triggering a kernel panic when attempting to unpoison memory. This occurs when pfn_to_online_page() returns NULL, indicating an offline memory block. The issue is reproducible by taking memory offline, obtaining its page frame number (PFN), and then attempting to unpoison it via the /sys/kernel/debug/hwpoison/unpoison-pfn interface. The root cause is that VM_BUG_ON_PAGE(PagePoisoned(page)) is triggered on an uninitialized page.

Recommendations

Update to a version newer than 6.10.0-rc1-00195-g148743902568.

Exploit

Fix

Out of bounds Read

Use After Free

Weakness Enumeration

Related Identifiers

ALSA-2025:22387
ALSA-2025:22388
ALSA-2025:22395
ALSA-2026:0445
AZL-67656
AZL-74739
BDU:2025-13885
CESA-2025_22387
CESA-2025_22388
CVE-2025-39883
DLA-4328-1
DLA-4404-1
ECHO-FAFE-37F6-96F7
INFSA-2025_22387
INFSA-2025_22388
MGASA-2025-0309
MGASA-2025-0310
OESA-2025-2406
OESA-2025-2407
OESA-2025-2408
OESA-2025-2465
OESA-2025-2466
OESA-2025-2467
RHSA-2026:0271
RHSA-2026:0445
RHSA-2026:0533
USN-8033-1
USN-8033-2
USN-8033-3
USN-8033-4
USN-8033-5
USN-8033-6
USN-8033-7
USN-8033-8
USN-8034-1
USN-8034-2
USN-8095-1
USN-8095-2
USN-8095-3
USN-8095-4
USN-8095-5
USN-8100-1
USN-8125-1
USN-8126-1
USN-8141-1
USN-8163-1
USN-8163-2
USN-8165-1
USN-8243-1
USN-8261-1

Affected Products

Almalinux
Centos
Debian
Linuxmint
Linux Kernel
Red Hat
Rocky Linux
Ubuntu