ACK: [SRU][N][PATCH 0/1] CVE-2025-37958
Magali Lemes
magali.lemes at canonical.com
Fri Oct 17 12:57:57 UTC 2025
On 10/15/25 09:32, Massimiliano Pellizzer wrote:
> https://ubuntu.com/security/CVE-2025-37958
>
> [ Impact ]
>
> mm/huge_memory: fix dereferencing invalid pmd migration entry
>
> When migrating a THP, concurrent access to the PMD migration entry during
> a deferred split scan can lead to an invalid address access.
> To prevent this invalid access, it is necessary to
> check the PMD migration entry and return early.
>
> [ Fix ]
>
> Backport the following fix commit from upstream:
> be6e843fc51a mm/huge_memory: fix dereferencing invalid pmd migration entry
>
> [ Test Plan ]
>
> Compile and boot tested.
> Stress tested memory subsystem:
> $ sudo stress-ng --class memory --sequential 4 --timeout 30 --metrics-brief
> ...
> stress-ng: info: [1072] passed: 212: ...
> stress-ng: info: [1072] failed: 0
> stress-ng: info: [1072] metrics untrustworthy: 0
> stress-ng: info: [1072] successful run completed in 26 mins, 34.97 secs
>
>
> [ Regression Potential ]
>
> The fix modifies THP splitting and deferred-split handling to skip PMD
> migration entries. An issue with this patch may cause legitimate PMDs to
> be misclassified and skipped, increasing fragmentation and reclaim
> latency.
>
> [ Other Info ]
>
> Questing not affected.
> Plucky and Jammy fixed through stable updates.
>
> Gavin Guo (1):
> mm/huge_memory: fix dereferencing invalid pmd migration entry
>
> mm/huge_memory.c | 11 ++++++-----
> 1 file changed, 6 insertions(+), 5 deletions(-)
>
Acked-by: Magali Lemes <magali.lemes at canonical.com>
More information about the kernel-team
mailing list