Page Table Management Flaw in Linux Kernel Affects Multiple Versions
CVE-2025-38084

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 28 June 2025

What is CVE-2025-38084?

The Linux kernel contains a vulnerability related to the management of hugetlb page tables during the splitting of virtual memory areas (VMAs). The flaw arises from the timing of the hugetlb page table unsharing, which occurs prematurely before the necessary locks are acquired. This issue can lead to race conditions that allow page tables to be inadvertently shared, compromising the integrity of memory management in the kernel. The fix involves modifying the unsharing logic to occur after proper locking, thereby mitigating the race condition and enhancing overall kernel security.

Affected Version(s)

Linux 39dde65c9940c97fcd178a3d2b1c57ed8b7b68aa

Linux 39dde65c9940c97fcd178a3d2b1c57ed8b7b68aa < 366298f2b04d2bf1f2f2b7078405bdf9df9bd5d0

Linux 39dde65c9940c97fcd178a3d2b1c57ed8b7b68aa < 2511ac64bc1617ca716d3ba8464e481a647c1902

References

https://git.kernel.org/stable/c/e8847d18cd9fff1edbb45e963...

https://git.kernel.org/stable/c/366298f2b04d2bf1f2f2b7078...

https://git.kernel.org/stable/c/2511ac64bc1617ca716d3ba84...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 28, 2025
Vulnerability Reserved
Apr 16, 2025