Main Vulnerability Database SB2025072786

SB2025072786 - Race condition within a thread in Linux kernel mm

Published: July 27, 2025

Security Bulletin ID SB2025072786

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Data manipulation

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Race condition within a thread (CVE-ID: CVE-2025-38383)

The vulnerability allows a local user to corrupt data.

The vulnerability exists due to a data race within the clear_vm_uninitialized_flag(), vmalloc_dump_obj() and vmalloc_info_show() functions in mm/vmalloc.c. A local user can corrupt data.

Remediation

Install update from vendor's website.

References

https://git.kernel.org/stable/c/5c5f0468d172ddec2e333d738d2a1f85402cf0bc
https://git.kernel.org/stable/c/5c966f447a584ece3c70395898231aeb56256ee7
https://git.kernel.org/stable/c/ead91de35d9cd5c4f80ec51e6020f342079170af