CVE-2025-38510 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved: kasan: remove kasan_find_vm_area() to prevent possible deadlock find_vm_area() couldn't be called in atomic_context. If find_vm_area() is called to reports vm area information, kasan can trigger deadlock like: CPU0 CPU1 vmalloc(); alloc_vmap_area(); spin_lock(&vn->busy.lock) spin_lock_bh(&some_lock); <interrupt occurs> <in softirq> spin_lock(&some_lock); <access invalid address> kasan_report(); print_report(); print_address_description(); kasan_find_vm_area(); find_vm_area(); spin_lock(&vn->busy.lock) // deadlock! To prevent possible deadlock while kasan reports, remove kasan_find_vm_area().

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

No data.

References

Link	Providers
https://git.kernel.org/stable/c/0c3566d831def922cd56322c772a7b20d8b0e0c0
https://git.kernel.org/stable/c/2d89dab1ea6086e6cbe6fe92531b496fb6808cb9
https://git.kernel.org/stable/c/595f78d99b9051600233c0a5c4c47e1097e6ed01
https://git.kernel.org/stable/c/6ee9b3d84775944fb8c8a447961cd01274ac671c
https://git.kernel.org/stable/c/8377d7744bdce5c4b3f1b58924eebd3fdc078dfc

History

Thu, 21 Aug 2025 13:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Linux Linux linux Kernel
Vendors & Products		Linux Linux linux Kernel

Sat, 16 Aug 2025 11:15:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: kasan: remove kasan_find_vm_area() to prevent possible deadlock find_vm_area() couldn't be called in atomic_context. If find_vm_area() is called to reports vm area information, kasan can trigger deadlock like: CPU0 CPU1 vmalloc(); alloc_vmap_area(); spin_lock(&vn->busy.lock) spin_lock_bh(&some_lock); <interrupt occurs> <in softirq> spin_lock(&some_lock); <access invalid address> kasan_report(); print_report(); print_address_description(); kasan_find_vm_area(); find_vm_area(); spin_lock(&vn->busy.lock) // deadlock! To prevent possible deadlock while kasan reports, remove kasan_find_vm_area().
Title		kasan: remove kasan_find_vm_area() to prevent possible deadlock
References		https://git.kernel.org/stable/c/0c3566d831def922cd56322c772a7b20d8b0e0c0 https://git.kernel.org/stable/c/2d89dab1ea6086e6cbe6fe92531b496fb6808cb9 https://git.kernel.org/stable/c/595f78d99b9051600233c0a5c4c47e1097e6ed01 https://git.kernel.org/stable/c/6ee9b3d84775944fb8c8a447961cd01274ac671c https://git.kernel.org/stable/c/8377d7744bdce5c4b3f1b58924eebd3fdc078dfc

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-08-16T10:54:52.438Z

Updated: 2025-08-16T10:54:52.438Z

Reserved: 2025-04-16T04:51:24.022Z

Link: CVE-2025-38510

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2025-08-16T11:15:44.010

Modified: 2025-08-18T20:16:28.750

Link: CVE-2025-38510

Redhat

No data.

Metrics

Affected Vendors & Products

Metrics

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object