[SRU][N][PATCH 0/1] CVE-2025-37958

Massimiliano Pellizzer massimiliano.pellizzer at canonical.com
Wed Oct 15 12:32:58 UTC 2025


https://ubuntu.com/security/CVE-2025-37958

[ Impact ]

mm/huge_memory: fix dereferencing invalid pmd migration entry

When migrating a THP, concurrent access to the PMD migration entry during
a deferred split scan can lead to an invalid address access.
To prevent this invalid access, it is necessary to
check the PMD migration entry and return early.

[ Fix ]

Backport the following fix commit from upstream:
 be6e843fc51a mm/huge_memory: fix dereferencing invalid pmd migration entry

[ Test Plan ]

Compile and boot tested.
Stress tested memory subsystem:
$ sudo stress-ng --class memory --sequential 4 --timeout 30 --metrics-brief
...
stress-ng: info:  [1072] passed: 212: ...
stress-ng: info:  [1072] failed: 0
stress-ng: info:  [1072] metrics untrustworthy: 0
stress-ng: info:  [1072] successful run completed in 26 mins, 34.97 secs


[ Regression Potential ]

The fix modifies THP splitting and deferred-split handling to skip PMD
migration entries. An issue with this patch may cause legitimate PMDs to
be misclassified and skipped, increasing fragmentation and reclaim
latency.

[ Other Info ]

Questing not affected.
Plucky and Jammy fixed through stable updates.

Gavin Guo (1):
  mm/huge_memory: fix dereferencing invalid pmd migration entry

 mm/huge_memory.c | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

-- 
2.48.1



