Linux Kernel Vulnerability in MIPS Architecture Affecting Tasks Without ABI

CVE-2025-38696

What is CVE-2025-38696?

A vulnerability in the Linux kernel for MIPS architecture could lead to system crashes when tasks that do not have an Application Binary Interface (ABI) or virtual Dynamically-linked Shared Object (vDSO) mapped to them invoke the stack_top() function. This issue arises primarily with kernel threads (kthreads), which lack an ABI association. When such tasks call stack_top(), it results in dereferencing a NULL ABI pointer, causing an unexpected crash. This vulnerability is critical for systems relying on MIPS architecture as it could disrupt kernel operations and impact resource management.

References