Resource Management Vulnerability in Linux Kernel Affects Multiple Platforms
CVE-2025-38256

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 9 July 2025

What is CVE-2025-38256?

A resource management issue in the Linux kernel's handling of io_uring has been identified, where the system attempts to unpin the head page of a folio after successfully pinning a tail page. This can lead to an unmapping failure, triggering internal errors and debug warnings. The fault occurs during the processing of user pages, which can compromise stability and performance in systems utilizing io_uring. A fix has been implemented to replace the method of unpinning to enhance reliability.

Affected Version(s)

Linux a8edbb424b1391b077407c75d8f5d2ede77aa70d < 53fd75f25b223878b5fff14932e3a22f42b54f77

Linux a8edbb424b1391b077407c75d8f5d2ede77aa70d < 11e7b7369e655e6131387b174218d7fa9557b3da

Linux a8edbb424b1391b077407c75d8f5d2ede77aa70d < 5afb4bf9fc62d828647647ec31745083637132e4

References

https://git.kernel.org/stable/c/53fd75f25b223878b5fff1493...

https://git.kernel.org/stable/c/11e7b7369e655e6131387b174...

https://git.kernel.org/stable/c/5afb4bf9fc62d828647647ec3...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 9, 2025
Vulnerability Reserved
Apr 16, 2025