In the Linux kernel, the following vulnerability has been resolved:
kasan: remove kasan_find_vm_area() to prevent possible deadlock
find_vm_area() couldn't be called in atomic_context. If find_vm_area() is
called to reports vm area information, kasan can trigger deadlock like:
CPU0 CPU1
vmalloc();
alloc_vmap_area();
spin_lock(&vn->busy.lock)
spin_lock_bh(&some_lock);
<interrupt occurs>
<in softirq>
spin_lock(&some_lock);
<access invalid address>
kasan_report();
print_report();
print_address_description();
kasan_find_vm_area();
find_vm_area();
spin_lock(&vn->busy.lock) // deadlock!
To prevent possible deadlock while kasan reports, remove kasan_find_vm_area().
CVSS
No CVSS.
References
Configurations
No configuration.
History
16 Aug 2025, 11:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-08-16 11:15
Updated : 2025-08-16 11:15
NVD link : CVE-2025-38510
Mitre link : CVE-2025-38510
CVE.ORG link : CVE-2025-38510
JSON object : View
Products Affected
No product.
CWE
No CWE.