Vulnerability in Linux Kernel Affects Stack Management Features
CVE-2025-38670
What is CVE-2025-38670?
An issue in the Linux kernel related to improper handling of stack management functions cpu_switch_to() and call_on_irq_stack() has been identified. When these functions manipulate stack pointers, they may be interrupted by SErrors or Debug Exceptions, leading to potential stack mismatches. Specifically, if an interrupt occurs while switching stacks, the kernel may mistakenly save the old task's Shadow Call Stack pointer, resulting in clobbered stack states. Such discrepancies can cause tasks to return to incorrect addresses, triggering kernel panics under certain configuration settings. Although this situation arises under unlikely conditions, enabling specific configurations can exacerbate the frequency of these interruptions, compounding the risk of unpredictable system behavior.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
Linux 3f225f29c69c13ce1cbdb1d607a42efeef080056
Linux 402d2b1d54b7085d0c3bfd01fd50c2701dde64b3 < 407047893a64399f2d2390ff35cc6061107d805d
Linux 4403c7b7e5e1ad09a266b6e399fd7bf97931508e