CVE-2025-68211

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel’s KSM (Kernel Samepage Merging) functionality experienced performance issues when scanning large virtual memory areas with mostly unmapped regions. The scan get next rmap item() function inefficiently walked every page address within a VMA to locate mergeable pages, leading to high CPU usage without significant deduplication. The issue was addressed by replacing the per-address lookup with a range walk using walk page range(). This allows KSM to skip unmapped holes in a VMA, avoiding unnecessary lookups and improving performance. A test program was provided that demonstrated the issue by creating a 32 TiB mapping with only one populated page, causing ksmd to use 100% CPU for an extended period without deduplicating.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.