Vulnerability in Linux Kernel Affects Stack Management Features
CVE-2025-38670
What is CVE-2025-38670?
An issue has been identified in the Linux kernel related to improper handling in the stack-management functions cpu_switch_to() and call_on_irq_stack(). While these functions manipulate stack pointers, they can be interrupted by SErrors or Debug Exceptions, which can leave the stacks in a mismatched state. Specifically, if one of these exceptions is taken while the stacks are being switched, the kernel may mistakenly save the old task's Shadow Call Stack pointer, clobbering the stack state. Such a discrepancy can cause a task to return to an incorrect address, triggering a kernel panic under certain configuration settings. Although this situation arises only under unlikely conditions, enabling specific configuration options can increase how often these interruptions occur, compounding the risk of unpredictable system behaviour.
Affected Version(s)
Each entry is a git commit range: affected from the first commit up to, but not including, the fixing commit.
Linux 59b37fe52f49955791a460752c37145f1afdcad1 < 9433a5f437b0948d6a2d8a02ad7a42ab7ca27a61
Linux 59b37fe52f49955791a460752c37145f1afdcad1 < 708fd522b86d2a9544c34ec6a86fa3fc23336525
Linux 59b37fe52f49955791a460752c37145f1afdcad1 < 0f67015d72627bad72da3c2084352e0aa134416b