CVE-2025-38733
📋 TL;DR
This Linux kernel vulnerability on s390 architecture allows NULL pointer dereferences to succeed instead of causing exceptions. This occurs because the lowcore memory region is incorrectly mapped to address zero, bypassing low address protection. Only Linux systems running on s390 architecture with affected kernel versions are impacted.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Kernel crash or privilege escalation if an attacker can trigger specific NULL pointer dereferences that lead to controlled memory corruption.
Likely Case
System instability or crashes from accidental NULL pointer accesses that would normally be caught by low address protection.
If Mitigated
Minimal impact if systems have proper memory protection mechanisms and limited attack surface.
🎯 Exploit Status
Exploitation requires local access and knowledge of s390 architecture memory layout. No public exploits known.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Patches available in stable kernel trees (commits: 1d7864acd497cb468a998d44631f84896f885e85, 30bf5728bb217a6d1ba73f44094c9b9c6bc9a567, 93f616ff870a1fb7e84d472cad0af651b18f9f87)
Vendor Advisory: https://git.kernel.org/stable/c/1d7864acd497cb468a998d44631f84896f885e85
Restart Required: Yes
Instructions:
1. Update to latest stable Linux kernel version containing the fix. 2. For distributions: apply vendor kernel updates. 3. Reboot system to load patched kernel.
🔧 Temporary Workarounds
No practical workaround
s390This is a kernel-level memory mapping issue that cannot be worked around at user level.
🧯 If You Can't Patch
- Restrict local user access to s390 systems
- Implement strict process isolation and privilege separation
🔍 How to Verify
Check if Vulnerable:
Check kernel version and architecture: 'uname -a' should show s390/s390x and kernel version before patchesCheck Version:
uname -rVerify Fix Applied:
Verify kernel version includes the fix commits or is newer than patched versions📡 Detection & Monitoring
Log Indicators:
- Kernel oops messages
- System crashes
- Unexpected NULL pointer access logs
SIEM Query:
Search for kernel panic/oops events on s390 systems