CVE-2025-38050
📋 TL;DR
A race condition in the Linux kernel's hugetlb subsystem can cause a NULL pointer dereference when replacing free huge pages, leading to kernel panic and system crash. This affects Linux systems using huge pages with specific memory allocation operations. The vulnerability requires local access to trigger.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to complete system crash and denial of service, potentially causing data loss or service disruption.
Likely Case
Local denial of service through kernel crash when specific memory operations are performed on systems using huge pages.
If Mitigated
Minimal impact with proper access controls preventing local users from triggering the vulnerable code path.
🎯 Exploit Status
Exploitation requires triggering a race condition between the __update_and_free_hugetlb_folio() and replace_free_hugepage_folios() functions.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Patched in kernel commits 113ed54ad276c352ee5ce109bdcf0df118a43bda and e97283978a9848190d451f7038ac399613445f79
Vendor Advisory: https://git.kernel.org/stable/c/113ed54ad276c352ee5ce109bdcf0df118a43bda
Restart Required: Yes
Instructions:
1. Update to a kernel version containing the fix commits.
2. Check with your Linux distribution for security updates.
3. Reboot the system after kernel update.
🔧 Temporary Workarounds
Disable hugetlb
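Disable huge pages to prevent triggering the vulnerable code path
# Transparent huge pages (THP) toggle; THP is a separate mechanism from the hugetlb pool
echo never > /sys/kernel/mm/transparent_hugepage/enabled
# Shrink the persistent hugetlb pool to zero
echo 0 > /proc/sys/vm/nr_hugepages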
Restrict CMA operations
Limit access to CMA operations that could trigger the vulnerability
chmod 600 /sys/kernel/debug/cma/*
Restrict user access to debugfs
🧯 If You Can't Patch
- Restrict local user access to prevent untrusted users from running memory-intensive operations
- Monitor system logs for kernel panic messages related to hugetlb or CMA operations
🔍 How to Verify
Check if Vulnerable:
Check the kernel version and whether hugetlb is enabled:
uname -r && grep HugePages /proc/meminfo
Check Version:
uname -r
Verify Fix Applied:
Verify that the running kernel includes the fix commits, or check your distribution's security advisory
📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages with 'NULL pointer dereference' in alloc_and_dissolve_hugetlb_folio
- Oops messages related to hugetlb or CMA operations
Network Indicators:
- No network indicators - local vulnerability only
SIEM Query:
(kernel_panic OR oops) AND (hugetlb OR CMA OR "NULL pointer dereference")
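As an added example (not part of the original advisory), the Log Indicators above can be applied as a filter over kernel log text that groups lines per oops report. The log excerpt is constructed for illustration, and count_hugetlb_oops, sample_log and example_driver_probe are hypothetical names.

```shell
#!/bin/sh
# Added example: count kernel oops reports matching the log indicator above,
# i.e. a NULL pointer dereference whose report names one of the hugetlb
# functions involved. Reads kernel log text on stdin.
# Usage on a live host: journalctl -k -b -1 | count_hugetlb_oops
count_hugetlb_oops() {
    awk '
        # First line of an oops report (x86 and arm64 both use this phrase).
        !in_oops && /NULL pointer dereference/ { in_oops = 1; hit = 0; seen = 0 }
        in_oops {
            seen++
            if ($0 ~ /alloc_and_dissolve_hugetlb_folio|replace_free_hugepage_folios/)
                hit = 1
            # A report ends at the end-trace marker; cap the window at 80
            # lines in case the marker never reached the log.
            if ($0 ~ /---\[ end trace/ || seen > 80) {
                if (hit) n++
                in_oops = 0
            }
        }
        # A panic can cut the log short, so count an unterminated match too.
        END { if (in_oops && hit) n++; print n + 0 }
    '
}

# Constructed sample: one matching oops, one unrelated oops, one benign line.
sample_log() {
    cat <<'EOF'
[   12.000001] HugeTLB: registered 2.00 MiB page size, pre-allocated 64 pages
[  412.100001] BUG: kernel NULL pointer dereference, address: 0000000000000008
[  412.100002] RIP: 0010:alloc_and_dissolve_hugetlb_folio+0x5b/0x2e0
[  412.100003] Call Trace:
[  412.100004]  replace_free_hugepage_folios+0x9a/0x120
[  412.100005] ---[ end trace 0000000000000000 ]---
[  900.200001] BUG: kernel NULL pointer dereference, address: 0000000000000010
[  900.200002] RIP: 0010:example_driver_probe+0x1c/0x90
[  900.200003] ---[ end trace 0000000000000000 ]---
EOF
}

sample_log | count_hugetlb_oops
```

Grouping by report keeps the benign HugeTLB boot message and the unrelated oops from matching, which a flat keyword search would not.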