APPLIED: [SRU][N][PATCH 0/1] CVE-2025-37958

Stefan Bader stefan.bader at canonical.com
Fri Oct 24 14:26:02 UTC 2025 

On 15/10/2025 14:32, Massimiliano Pellizzer wrote:
> https://ubuntu.com/security/CVE-2025-37958
> 
> [ Impact ]
> 
> mm/huge_memory: fix dereferencing invalid pmd migration entry
> 
> When migrating a THP, concurrent access to the PMD migration entry during
> a deferred split scan can lead to an invalid address access.
> To prevent this invalid access, it is necessary to
> check the PMD migration entry and return early.
> 
> [ Fix ]
> 
> Backport the following fix commit from upstream:
>   be6e843fc51a mm/huge_memory: fix dereferencing invalid pmd migration entry
> 
> [ Test Plan ]
> 
> Compile and boot tested.
> Stress tested memory subsystem:
> $ sudo stress-ng --class memory --sequential 4 --timeout 30 --metrics-brief
> ...
> stress-ng: info:  [1072] passed: 212: ...
> stress-ng: info:  [1072] failed: 0
> stress-ng: info:  [1072] metrics untrustworthy: 0
> stress-ng: info:  [1072] successful run completed in 26 mins, 34.97 secs
> 
> 
> [ Regression Potential ]
> 
> The fix modifies THP splitting and deferred-split handling to skip PMD
> migration entries. An issue with this patch may cause legitimate PMDs to
> be misclassified and skipped, increasing fragmentation and reclaim
> latency.
> 
> [ Other Info ]
> 
> Questing not affected.
> Plucky and Jammy fixed through stable updates.
> 
> Gavin Guo (1):
>    mm/huge_memory: fix dereferencing invalid pmd migration entry
> 
>   mm/huge_memory.c | 11 ++++++-----
>   1 file changed, 6 insertions(+), 5 deletions(-)
> 


Applied to noble:linux/master-next. Thanks.

-Stefan

-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0xE8675DEECBEECEA3.asc
Type: application/pgp-keys
Size: 48643 bytes
Desc: OpenPGP public key
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20251024/0ab83e8b/attachment-0001.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20251024/0ab83e8b/attachment-0001.sig>

More information about the kernel-team mailing list