Linux Kernel GPF Vulnerability in Bitmap Statistics Collection
CVE-2025-38451

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
25 July 2025

What is CVE-2025-38451?

A flaw in the Linux kernel's bitmap statistics collection can lead to a General Protection Fault (GPF). This occurs when the code for checking bitmap validity only verifies the existence of a super-block for internal bitmaps, neglecting external bitmap cases. Thus, it risks invalid reads from non-canonical addresses. A recent commit has addressed this oversight by enforcing checks for both internal and external bitmap storage locations, ensuring more reliable statistics retrieval and enhancing overall system stability.

Affected Version(s)

Linux 065f4b1cd41d03702426af44193894b925607073

Linux 0b5390aeaa85eb2f15e0e2ea0731c0995285db5e < 3d82a729530bd2110ba66e4a1f73461c776edec2

Linux eeeba7f43ae27835718a5f5ad6552a8983e75201 < 3e0542701b37aa25b025d8531583458e4f014c2e

References

https://git.kernel.org/stable/c/a23b16ba3274961494f5ad236...
https://git.kernel.org/stable/c/3d82a729530bd2110ba66e4a1...
https://git.kernel.org/stable/c/3e0542701b37aa25b025d8531...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2025-38451 : Linux Kernel GPF Vulnerability in Bitmap Statistics Collection