Vulnerability in Linux Kernel Affecting ARM64 Architectures
CVE-2025-38424

Currently unrated

Key Information:

Vendor: Linux

Status
Vendor
CVE Published: 25 July 2025

What is CVE-2025-38424?

A critical flaw in the Linux kernel affecting ARM64 architectures has been identified. The vulnerability arises when the perf subsystem attempts to access the user stack while exit_mmap() is tearing down the address space. Because perf is typically stopped only after the user memory management is dismantled, this can crash the system through improper memory accesses. The fix ensures that, when the current task relinquishes its memory context (setting current->mm to NULL), perf is halted before any teardown takes place. This correction mitigates the risk of system instability during critical exit operations.

Affected Version(s)

Linux c5ebcedb566ef17bda7b02686e0d658a7bb42ee7 < 7b8f3c72175c6a63a95cf2e219f8b78e2baad34e

Linux c5ebcedb566ef17bda7b02686e0d658a7bb42ee7 < 507c9a595bad3abd107c6a8857d7fd125d89f386

Linux c5ebcedb566ef17bda7b02686e0d658a7bb42ee7

Timeline

  • Vulnerability published

  • Vulnerability Reserved
