CVE-2025-38510
Published: Aug 16, 2025
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: kasan: remove kasan_find_vm_area() to prevent possible deadlock find_vm_area() couldn't be called in atomic_context. If find_vm_area() is called to reports vm area information, kasan can trigger deadlock like: CPU0 CPU1 vmalloc(); alloc_vmap_area(); spin_lock(&vn->busy.lock) spin_lock_bh(&some_lock); <interrupt occurs> <in softirq> spin_lock(&some_lock); <access invalid address> kasan_report(); print_report(); print_address_description(); kasan_find_vm_area(); find_vm_area(); spin_lock(&vn->busy.lock) // deadlock! To prevent possible deadlock while kasan reports, remove kasan_find_vm_area().
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected c056a364e9546bd513d1f5205f0ee316d8acb910 - < 595f78d99b9051600233c0a5c4c47e1097e6ed01affected c056a364e9546bd513d1f5205f0ee316d8acb910 - < 8377d7744bdce5c4b3f1b58924eebd3fdc078dfcaffected c056a364e9546bd513d1f5205f0ee316d8acb910 - < 2d89dab1ea6086e6cbe6fe92531b496fb6808cb9affected c056a364e9546bd513d1f5205f0ee316d8acb910 - < 0c3566d831def922cd56322c772a7b20d8b0e0c0affected c056a364e9546bd513d1f5205f0ee316d8acb910 - < 6ee9b3d84775944fb8c8a447961cd01274ac671c |
Linux | Linux | affected 5.18unaffected 0 - < 5.18unaffected 6.1.146 - <= 6.1.*unaffected 6.6.99 - <= 6.6.*unaffected 6.12.39 - <= 6.12.*+2 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now