CVE-2025-38424
BaseFortify
Publication date: 2025-07-25
Last updated on: 2025-11-03
Assigner: kernel.org
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN | |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability occurs in the Linux kernel's perf subsystem. It involves a crash caused by perf attempting to sample the user stack while the process's address space is being torn down during exit. Specifically, perf tries to access user memory after the userspace memory management (mm) has been destroyed, leading to a synchronous external abort (likely due to invalid memory-mapped I/O access). The fix involves changing the order of operations in the do_exit() function to stop perf before the userspace mm is torn down, and adding checks to abort certain perf sampling events if the current task no longer has a valid mm.
How can this vulnerability impact me?
This vulnerability can cause system crashes or instability on affected Linux systems, particularly on ARM64 architectures. If exploited or triggered, it may lead to a denial of service by crashing processes or the kernel due to invalid memory accesses during process exit. This can impact system reliability and availability.
What immediate steps should I take to mitigate this vulnerability?
Update the Linux kernel to a version that includes the fix for this vulnerability, which involves changing the order of stopping perf in do_exit() and hardening PERF_SAMPLE_CALLCHAIN and PERF_SAMPLE_STACK_USER to prevent access when the current task does not have an mm. This will prevent crashes related to perf accessing userspace during address space teardown.