Memory Error Handling Vulnerability in Linux Kernel Affecting Various Versions
CVE-2025-39989

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 18 April 2025

Summary

A significant issue in the Linux kernel has been identified where improper error handling during memory operations can lead to kernel panics or user process terminations. Specifically affecting versions beyond 5.17, this vulnerability arises during the handling of memory errors in copy-from-user operations, which can result in a critical failure scenario. The failure occurs due to a race condition between memory controller signals and kernel operations, causing unhandled memory errors that lead to system instability. A recent patch aims to rectify these issues by restoring effective error recovery methods, ensuring that the system can handle these memory failures without crashing.

Affected Version(s)

Linux 4c132d1d844a53fc4e4b5c34e36ef10d6124b783 < 3e3d8169c0950a0b3cd5105f6403a78350dcac80

Linux 4c132d1d844a53fc4e4b5c34e36ef10d6124b783 < 449413da90a337f343cc5a73070cbd68e92e8a54

Linux 4c132d1d844a53fc4e4b5c34e36ef10d6124b783 < 0b8388e97ba6a8c033f9a8b5565af41af07f9345

References

https://git.kernel.org/stable/c/3e3d8169c0950a0b3cd5105f6...

https://git.kernel.org/stable/c/449413da90a337f343cc5a730...

https://git.kernel.org/stable/c/0b8388e97ba6a8c033f9a8b55...

Timeline

Vulnerability published
Apr 18, 2025
Vulnerability Reserved
Apr 16, 2025