Linux Kernel Vulnerability in x86/mm Affects Multiple Distributions
CVE-2025-40174

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 12 November 2025

What is CVE-2025-40174?

A vulnerability identified in the Linux kernel's x86/mm component can lead to improper handling of memory management across multi-core systems. Specifically, the lack of a memory barrier (smp_mb()) between loading the active memory context and updating the translation lookaside buffer (TLB) can cause synchronization issues. This can result in the system failing to recognize recent changes in TLB state, potentially leading to inconsistent memory operations and degraded performance. System integrity may be compromised if applications rely on the timely flushing of TLB entries during context switches.

Affected Version(s)

Linux 209954cbc7d0ce1a190fc725d20ce303d74d2680 < 0fe5e3f5fb75c5d88dad24dece3ee75e9d87adeb

Linux 209954cbc7d0ce1a190fc725d20ce303d74d2680 < 83b0177a6c4889b3a6e865da5e21b2c9d97d0551

Linux 6.14

References

https://git.kernel.org/stable/c/0fe5e3f5fb75c5d88dad24dec...

https://git.kernel.org/stable/c/83b0177a6c4889b3a6e865da5...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 12, 2025
Vulnerability Reserved
Apr 16, 2025

JSON