CVE-2025-38424
Published: Jul 25, 2025
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: perf: Fix sample vs do_exit() Baisheng Gao reported an ARM64 crash, which Mark decoded as being a synchronous external abort -- most likely due to trying to access MMIO in bad ways. The crash further shows perf trying to do a user stack sample while in exit_mmap()'s tlb_finish_mmu() -- i.e. while tearing down the address space it is trying to access. It turns out that we stop perf after we tear down the userspace mm; a receipie for disaster, since perf likes to access userspace for various reasons. Flip this order by moving up where we stop perf in do_exit(). Additionally, harden PERF_SAMPLE_CALLCHAIN and PERF_SAMPLE_STACK_USER to abort when the current task does not have an mm (exit_mm() makes sure to set current->mm = NULL; before commencing with the actual teardown). Such that CPU wide events don't trip on this same problem.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected c5ebcedb566ef17bda7b02686e0d658a7bb42ee7 - < 7b8f3c72175c6a63a95cf2e219f8b78e2baad34eaffected c5ebcedb566ef17bda7b02686e0d658a7bb42ee7 - < 507c9a595bad3abd107c6a8857d7fd125d89f386affected c5ebcedb566ef17bda7b02686e0d658a7bb42ee7 - < a9f6aab7910a0ef2895797f15c947f6d1053160faffected c5ebcedb566ef17bda7b02686e0d658a7bb42ee7 - < 975ffddfa2e19823c719459d2364fcaa17673964affected c5ebcedb566ef17bda7b02686e0d658a7bb42ee7 - < 2ee6044a693735396bb47eeaba1ac3ae26c1c99b+3 more versions |
Linux | Linux | affected 3.7unaffected 0 - < 3.7unaffected 5.4.295 - <= 5.4.*unaffected 5.10.239 - <= 5.10.*unaffected 5.15.186 - <= 5.15.*+5 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now