Race Condition in Linux Kernel Userfaultfd Implementation Affecting Memcached
CVE-2025-38242
What is CVE-2025-38242?
A vulnerability in the Linux kernel userfaultfd implementation has been identified, resulting in a race condition that can lead to unreliable behavior when handling memory pages. Specifically, the function userfaultfd_move may experience conflicts during the management of swap entries, leading to potential incorrect memory references. This occurs when simultaneous operations from multiple CPUs manipulate memory references, causing a shared resource conflict and potentially corrupting the RSS (Resident Set Size) counter. Although the likelihood of this race condition manifesting is low due to its dependency on specific timing and sequence of operations, it remains a risk for configurations where memory management robustness is critical. Proper checks and locks are essential for ensuring memory integrity and avoiding inconsistencies.
Affected Version(s)
Linux adef440691bab824e39c1b17382322d195e1fab0
Linux adef440691bab824e39c1b17382322d195e1fab0 < 0ea148a799198518d8ebab63ddd0bb6114a103bc
Linux 6.8