Data Race Vulnerability in Linux Kernel's Memory Management Component
CVE-2025-38383
What is CVE-2025-38383?
A vulnerability has been identified in the Linux kernel related to memory management, specifically within the 'show_numa_info()' function. This issue arises from a data race condition where multiple CPUs can access and modify shared memory concurrently, resulting in unpredictable behavior. The problem stems from the improper handling of the memory heap, which may allow for critical data to be overwritten. A solution has been proposed to improve memory allocation handling within the 'vmalloc_info_show()' to prevent such conflicts. It is crucial for system administrators and users to monitor their kernel versions and apply the necessary patches to mitigate this vulnerability.
Affected Version(s)
Linux 8e1d743f2c2671aa54f6f91a2b33823f92512870
Linux 8e1d743f2c2671aa54f6f91a2b33823f92512870 < 5c966f447a584ece3c70395898231aeb56256ee7
Linux 8e1d743f2c2671aa54f6f91a2b33823f92512870 < 5c5f0468d172ddec2e333d738d2a1f85402cf0bc