CVE-2025-38510

16.08.2025, 11:15

In the Linux kernel, the following vulnerability has been resolved:

kasan: remove kasan_find_vm_area() to prevent possible deadlock

find_vm_area() couldn't be called in atomic_context.  If find_vm_area() is
called to reports vm area information, kasan can trigger deadlock like:

CPU0                                CPU1
vmalloc();
 alloc_vmap_area();
  spin_lock(&vn->busy.lock)
                                    spin_lock_bh(&some_lock);
   <interrupt occurs>
   <in softirq>
   spin_lock(&some_lock);
                                    <access invalid address>
                                    kasan_report();
                                     print_report();
                                      print_address_description();
                                       kasan_find_vm_area();
                                        find_vm_area();
                                         spin_lock(&vn->busy.lock) // deadlock!

To prevent possible deadlock while kasan reports, remove kasan_find_vm_area().

Provider	Type	Base Score	Vector
NIST	NIST	UNKNOWN	---
Linux	CNA	---	---
CVE	ADP	---	---

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: 10%

Debian Releases

Debian Product

Codename

linux

bullseye	5.10.223-1 not-affected
bullseye (security)	5.10.244-1 fixed
bookworm	6.1.148-1 fixed
bookworm (security)	6.1.158-1 fixed
trixie	6.12.57-1 fixed
trixie (security)	6.12.48-1 fixed
forky	6.16.12-2 fixed
sid	6.17.8-1 fixed

linux-6.1

bullseye (security)

6.1.153-1~deb11u1

fixed

References

https://git.kernel.org/stable/c/0c3566d831def922cd56322c772a7b20d8b0e0c0

https://git.kernel.org/stable/c/2d89dab1ea6086e6cbe6fe92531b496fb6808cb9

https://git.kernel.org/stable/c/595f78d99b9051600233c0a5c4c47e1097e6ed01

https://git.kernel.org/stable/c/6ee9b3d84775944fb8c8a447961cd01274ac671c

https://git.kernel.org/stable/c/8377d7744bdce5c4b3f1b58924eebd3fdc078dfc

https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html