CVE-2025-40218
BaseFortify
Publication date: 2025-12-04
Last updated on: 2025-12-04
Assigner: kernel.org
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN | |
AI Powered Q&A
Can you explain this vulnerability to me?
The bug is in the Linux kernel's DAMON virtual address space operation set (mm/damon/vaddr). While walking a process's page tables to read and write the page table accessed bits, DAMON's pmd-level walk callback calls pte_offset_map_lock(). If that call fails, the callback asks the page table walker to retry the same pmd. The failure is permanent rather than transient when the pmd holds a migration entry: pte_offset_map_lock() cannot map a migration entry as a pte table, and the migration cannot complete until the walk has finished. The walker therefore retries forever, the CPU running the walk never makes progress, and the kernel reports a soft lockup. The condition was observed when CPU hotplugging and DAMON ran at the same time. The fix (mm/damon/vaddr: do not repeat pte_offset_map_lock() until success) stops retrying and simply skips that pmd; access information for a few pages is lost, which is acceptable because DAMON only promises best-effort accuracy.
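The control flow described above, as an added user-space model written for this page (it is not kernel code and not taken from the CVE record): walk_pmd_range(), mm_walk and ACTION_AGAIN are the real kernel names being imitated, while pte_table_mappable(), walk_pmd_range_model(), PTES_PER_PMD, RETRY_CAP and the sample pmd array are inventions for the demo. The real walker has no retry cap; the cap only makes the model terminate so the vulnerable and fixed callbacks can be compared on the same input.

```c
/* Added example: a user-space model of the DAMON vaddr retry loop. Not kernel
 * code; walk_pmd_range(), ACTION_AGAIN and mm_walk are the kernel names being
 * imitated, everything marked MODEL is invented for the demo. */
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

enum pmd_kind { PMD_NONE, PMD_PRESENT, PMD_MIGRATION_ENTRY }; /* MODEL */
enum walk_action { ACTION_SUBTREE, ACTION_AGAIN }; /* as in the kernel walker */

struct mm_walk {                 /* MODEL: trimmed to what the demo needs */
    enum walk_action action;
    unsigned long pages_seen;    /* ptes whose accessed bit was read */
    unsigned long pmds_skipped;  /* pmds given up on (fixed callback only) */
};

/* MODEL of pte_offset_map_lock(): fails when the pmd holds no pte table. A
 * migration entry stays one until the migration completes, which cannot
 * happen during this walk, so the failure is permanent for the walk. */
static bool pte_table_mappable(enum pmd_kind pmd) { return pmd == PMD_PRESENT; }

#define PTES_PER_PMD 512UL       /* MODEL: x86-64 value */

/* Vulnerable callback: on failure, ask the walker to retry the same pmd. */
static int mkold_pmd_entry_vulnerable(enum pmd_kind pmd, struct mm_walk *walk)
{
    if (!pte_table_mappable(pmd)) {
        walk->action = ACTION_AGAIN;   /* retry until success, i.e. never */
        return 0;
    }
    walk->pages_seen += PTES_PER_PMD;
    return 0;
}

/* Fixed callback: skip the pmd. DAMON only promises best-effort accuracy. */
static int mkold_pmd_entry_fixed(enum pmd_kind pmd, struct mm_walk *walk)
{
    if (!pte_table_mappable(pmd)) {
        walk->pmds_skipped++;
        return 0;                      /* action stays ACTION_SUBTREE */
    }
    walk->pages_seen += PTES_PER_PMD;
    return 0;
}

typedef int (*pmd_entry_fn)(enum pmd_kind, struct mm_walk *);

struct walk_result {
    bool stuck;                  /* retry cap hit: the kernel would spin forever */
    unsigned long retries, pages_seen, pmds_skipped;
};

/* MODEL of walk_pmd_range(): reset the action, call the callback, `goto again`
 * on ACTION_AGAIN. The kernel has no retry cap; RETRY_CAP only makes the demo
 * terminate, and reaching it is the soft-lockup condition. */
#define RETRY_CAP 1000UL

static struct walk_result walk_pmd_range_model(const enum pmd_kind *pmds,
                                               size_t n, pmd_entry_fn cb)
{
    struct mm_walk walk = {0};
    struct walk_result res = {0};

    for (size_t i = 0; i < n; i++) {
        if (pmds[i] == PMD_NONE)
            continue;
again:
        walk.action = ACTION_SUBTREE;
        cb(pmds[i], &walk);
        if (walk.action == ACTION_AGAIN) {
            if (++res.retries >= RETRY_CAP) {
                res.stuck = true;
                break;
            }
            goto again;
        }
    }
    res.pages_seen = walk.pages_seen;
    res.pmds_skipped = walk.pmds_skipped;
    return res;
}

/* Constructed sample: one migration entry in the middle of the range. */
static const enum pmd_kind SAMPLE_PMDS[] = {
    PMD_PRESENT, PMD_NONE, PMD_MIGRATION_ENTRY, PMD_PRESENT, PMD_PRESENT
};
#define SAMPLE_N (sizeof SAMPLE_PMDS / sizeof SAMPLE_PMDS[0])

int main(void)
{
    struct walk_result v = walk_pmd_range_model(SAMPLE_PMDS, SAMPLE_N, mkold_pmd_entry_vulnerable);
    struct walk_result f = walk_pmd_range_model(SAMPLE_PMDS, SAMPLE_N, mkold_pmd_entry_fixed);
    printf("vulnerable: stuck=%d retries=%lu pages_seen=%lu\n", v.stuck, v.retries, v.pages_seen);
    printf("fixed:      stuck=%d pages_seen=%lu pmds_skipped=%lu\n", f.stuck, f.pages_seen, f.pmds_skipped);
    return 0;
}
```

The vulnerable callback never gets past the migration entry: every retry resets the action and calls it again on the same pmd, so only the first pmd's pages are ever counted before the cap is hit. The fixed callback records one skipped pmd and continues, which is the accuracy trade the patch accepts.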
How can this vulnerability impact me?
The defect as described is an infinite loop, so the impact is availability: the CPU running the DAMON page table walk never makes progress, the kernel's soft-lockup detector fires, and the system can become unresponsive and may need a reboot to recover. It only affects hosts where DAMON virtual address space monitoring is actually running, and the reported trigger is DAMON running at the same time as a CPU hotplug event.
What immediate steps should I take to mitigate this vulnerability?
Update to a kernel that carries the fix to mm/damon/vaddr, the change that stops retrying pte_offset_map_lock() during the page table walk. The affected range above is listed as unbounded (*), so check for the fix in your distribution's kernel changelog rather than relying on a version number alone. Until the patch is applied, note that the bug only bites while DAMON's vaddr operations set is in use: if you do not need virtual address space monitoring, stop the kdamond threads (on kernels built with CONFIG_DAMON_VADDR they are managed under /sys/kernel/mm/damon/admin/kdamonds/, where writing off to a kdamond's state file stops it), and avoid CPU hotplug operations while DAMON is running.