CVE-2025-39845
📋 TL;DR
A memory management vulnerability in the Linux kernel causes intermittent boot failures and crashes on systems with 4-level paging and large persistent memory. The issue occurs when page tables aren't properly synchronized during kernel memory mapping operations, leading to page faults and system instability. This affects Linux systems using 4-level paging with persistent memory devices.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
⚠️ Risk & Real-World Impact
Worst Case
System crashes during boot or when accessing persistent memory, causing denial of service and potential data corruption.
Likely Case
Intermittent boot failures or crashes when initializing persistent memory devices, leading to system instability.
If Mitigated
No impact if patched or if the system doesn't use 4-level paging with persistent memory.
🎯 Exploit Status
Exploitation requires triggering specific memory mapping operations on a vulnerable hardware configuration. Not a traditional security exploit but a stability bug.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Patches available in stable kernel trees (commits: 26ff568f390a, 5f761d40ee95, 6659d0279980, 6bf947372756, 744ff519c72d)
Vendor Advisory: https://git.kernel.org/stable/c/26ff568f390a531d1bd792e49f1a401849921960
Restart Required: Yes
Instructions:
1. Update to the patched kernel version from your distribution's repository.
2. Reboot the system to load the new kernel.
3. Verify that the kernel version matches the patched release.
🔧 Temporary Workarounds
Disable persistent memory devices
Temporarily disable or remove persistent memory devices to avoid triggering the bug
🧯 If You Can't Patch
- Avoid using persistent memory devices on affected systems
- Monitor system logs for page fault errors and be prepared for potential crashes
🔍 How to Verify
Check if Vulnerable:
Check whether the system uses 4-level paging and has persistent memory devices. Monitor for boot failures or crashes when accessing persistent memory.
Check Version:
uname -r
Verify Fix Applied:
Check that the running kernel includes the fix commits. Test persistent memory device initialization without crashes.
📡 Detection & Monitoring
Log Indicators:
- BUG: unable to handle page fault for address
- #PF: supervisor write access in kernel mode
- Oops: 0002
- page fault in vmemmap_set_pmd() or __init_single_page()
SIEM Query:
kernel_log: "BUG: unable to handle page fault" OR kernel_log: "Oops: 0002" OR kernel_log: "vmemmap_set_pmd"
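The OR query above also fires on any unrelated kernel page fault. As an added example (not from the advisory or the kernel project), the following groups kernel log lines into oops reports and flags only those that carry all of the indicators listed above together; the sample log is constructed and its addresses and the `example_driver_read` name are made up.

```python
import re

# Indicators listed on this page.
FAULT = "BUG: unable to handle page fault for address"
WRITE = "#PF: supervisor write access in kernel mode"
OOPS = "Oops: 0002"
FUNCS = re.compile(r"\b(vmemmap_set_pmd|__init_single_page)\+0x")

# Constructed sample kernel log (timestamps, addresses and offsets are made up).
SAMPLE_LOG = """\
[    4.101] BUG: unable to handle page fault for address: ffffea0000000034
[    4.102] #PF: supervisor write access in kernel mode
[    4.103] Oops: 0002 [#1] SMP NOPTI
[    4.104] RIP: 0010:__init_single_page+0x9/0x6d
[   90.500] BUG: unable to handle page fault for address: 0000000000001000
[   90.501] #PF: supervisor read access in kernel mode
[   90.502] Oops: 0000 [#2] SMP NOPTI
[   90.503] RIP: 0010:example_driver_read+0x22/0x80
"""

def split_reports(lines):
    """Group log lines into reports, each starting at a page-fault BUG line."""
    reports, current = [], None
    for line in lines:
        if FAULT in line:
            current = [line]
            reports.append(current)
        elif current is not None:
            current.append(line)
    return reports

def matches_signature(report):
    """True only if the report has the write fault, Oops: 0002 and a listed function."""
    text = "\n".join(report)
    return WRITE in text and OOPS in text and bool(FUNCS.search(text))

def find_matches(log_text):
    """Return the first line of every report that carries all indicators."""
    return [r[0] for r in split_reports(log_text.splitlines()) if matches_signature(r)]

if __name__ == "__main__":
    for first_line in find_matches(SAMPLE_LOG):
        print("possible CVE-2025-39845 crash:", first_line)
```

Only the first report in the sample matches; the second is a read fault in an unrelated function and is ignored even though the OR query would alert on it.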
🔗 References
- https://git.kernel.org/stable/c/26ff568f390a531d1bd792e49f1a401849921960
- https://git.kernel.org/stable/c/5f761d40ee95d2624f839c90ebeef2d5c55007f5
- https://git.kernel.org/stable/c/6659d027998083fbb6d42a165b0c90dc2e8ba989
- https://git.kernel.org/stable/c/6bf9473727569e8283c1e2445c7ac42cf4fc9fa9
- https://git.kernel.org/stable/c/744ff519c72de31344a627eaf9b24e9595aae554
- https://git.kernel.org/stable/c/b7f4051dd3388edd30e9a6077c05c486aa31e0d4
- https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html