CVE-2025-40270

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A use-after-free (UAF) issue exists in the Linux kernel’s swap cache layer, specifically related to VMA readahead. A change introduced by commit 78524b05f1a3 inadvertently created a scenario where VMA readahead could access swap entries from a device that had been swapped off, leading to a potential UAF condition. This occurs because VMA readahead walks the page table and may encounter swap entries from different devices without holding a reference to them. The issue is not easily triggered but could potentially cause problems.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.