CVE-2025-38383

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2025-38383
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-38383.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-38383
Downstream
Related
Published
2025-07-25T12:53:24.578Z
Modified
2026-03-23T05:03:55.409742623Z
Summary
mm/vmalloc: fix data race in show_numa_info()
Details

In the Linux kernel, the following vulnerability has been resolved:

mm/vmalloc: fix data race in shownumainfo()

The following data-race was found in shownumainfo():

================================================================== BUG: KCSAN: data-race in vmallocinfoshow / vmallocinfoshow

read to 0xffff88800971fe30 of 4 bytes by task 8289 on cpu 0: shownumainfo mm/vmalloc.c:4936 [inline] vmallocinfoshow+0x5a8/0x7e0 mm/vmalloc.c:5016 seqreaditer+0x373/0xb40 fs/seqfile.c:230 procregreaditer+0x11e/0x170 fs/proc/inode.c:299 ....

write to 0xffff88800971fe30 of 4 bytes by task 8287 on cpu 1: shownumainfo mm/vmalloc.c:4934 [inline] vmallocinfoshow+0x38f/0x7e0 mm/vmalloc.c:5016 seqreaditer+0x373/0xb40 fs/seqfile.c:230 procregreaditer+0x11e/0x170 fs/proc/inode.c:299 ....

value changed: 0x0000008f -> 0x00000000

According to this report,there is a read/write data-race because m->private is accessible to multiple CPUs. To fix this, instead of allocating the heap in procvmallocinit() and passing the heap address to m->private, vmallocinfoshow() should allocate the heap.

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38383.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
8e1d743f2c2671aa54f6f91a2b33823f92512870
Fixed
ead91de35d9cd5c4f80ec51e6020f342079170af
Fixed
5c966f447a584ece3c70395898231aeb56256ee7
Fixed
5c5f0468d172ddec2e333d738d2a1f85402cf0bc

Affected versions

v6.*
v6.10
v6.10-rc1
v6.10-rc2
v6.10-rc3
v6.10-rc4
v6.10-rc5
v6.10-rc6
v6.10-rc7
v6.11
v6.11-rc1
v6.11-rc2
v6.11-rc3
v6.11-rc4
v6.11-rc5
v6.11-rc6
v6.11-rc7
v6.12
v6.12-rc1
v6.12-rc2
v6.12-rc3
v6.12-rc4
v6.12-rc5
v6.12-rc6
v6.12-rc7
v6.12.1
v6.12.10
v6.12.11
v6.12.12
v6.12.13
v6.12.14
v6.12.15
v6.12.16
v6.12.17
v6.12.18
v6.12.19
v6.12.2
v6.12.20
v6.12.21
v6.12.22
v6.12.23
v6.12.24
v6.12.25
v6.12.26
v6.12.27
v6.12.28
v6.12.29
v6.12.3
v6.12.30
v6.12.31
v6.12.32
v6.12.33
v6.12.34
v6.12.35
v6.12.36
v6.12.4
v6.12.5
v6.12.6
v6.12.7
v6.12.8
v6.12.9
v6.13
v6.13-rc1
v6.13-rc2
v6.13-rc3
v6.13-rc4
v6.13-rc5
v6.13-rc6
v6.13-rc7
v6.14
v6.14-rc1
v6.14-rc2
v6.14-rc3
v6.14-rc4
v6.14-rc5
v6.14-rc6
v6.14-rc7
v6.15
v6.15-rc1
v6.15-rc2
v6.15-rc3
v6.15-rc4
v6.15-rc5
v6.15-rc6
v6.15-rc7
v6.15.1
v6.15.2
v6.15.3
v6.15.4
v6.15.5
v6.8
v6.8-rc6
v6.8-rc7
v6.9
v6.9-rc1
v6.9-rc2
v6.9-rc3
v6.9-rc4
v6.9-rc5
v6.9-rc6
v6.9-rc7

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-38383.json"
vanir_signatures 
[
    {
        "signature_version": "v1",
        "target": {
            "file": "mm/vmalloc.c",
            "function": "proc_vmalloc_init"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5c966f447a584ece3c70395898231aeb56256ee7",
        "deprecated": false,
        "digest": {
            "function_hash": "143534025757848216501729744984065861427",
            "length": 242.0
        },
        "id": "CVE-2025-38383-4c7eb704",
        "signature_type": "Function"
    },
    {
        "signature_version": "v1",
        "id": "CVE-2025-38383-539cf4fa",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5c966f447a584ece3c70395898231aeb56256ee7",
        "signature_type": "Function",
        "target": {
            "file": "mm/vmalloc.c",
            "function": "vmalloc_info_show"
        },
        "deprecated": false,
        "digest": {
            "function_hash": "102747215955322157074313637826710845309",
            "length": 1414.0
        }
    },
    {
        "signature_version": "v1",
        "signature_type": "Line",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5c966f447a584ece3c70395898231aeb56256ee7",
        "deprecated": false,
        "target": {
            "file": "mm/vmalloc.c"
        },
        "digest": {
            "line_hashes": [
                "101165742011822397729501104341041351371",
                "241960760412773383268079599422752780315",
                "65313830139807506014773311289165247888",
                "248236602146614871643420620440477731344",
                "131448338793951428258751595526473919338",
                "201986222686462958621715266384981886555",
                "149937004950728191965879683629720210032",
                "75218262223740350472529572764141688233",
                "46873356956527310356398844952025405341",
                "266075551053134148962039075237466834190",
                "220348029793241541677295657260802740220",
                "64628569029243402624947964350262453320",
                "139161443306736735138007776205989985120",
                "196450042896535521945960102058433933835",
                "309995092104465552359507116817050706873",
                "61201495184802382972098658598219307469",
                "253621469681006321764301583427998570295",
                "18960134887373977663345366205979169317",
                "256262858477096194090313842482489394535",
                "152819140383146399841979902199987609081",
                "169725846539978875965096367674719666056",
                "269353717433348937752501241800129920052",
                "225437648193933549551944001529705729893",
                "153915625739376897900835005427547258365",
                "139988037412556960089625203758096196606",
                "141863676113737045713729089198011326664",
                "41394995176954068694275183419614136824",
                "124466097537213862120995043411609198249",
                "39287743870250733511830382687360077582",
                "258596025511780473682046482658780844299",
                "302335338986373671579072770676159585809",
                "106485706751804681923297713535358939957",
                "180732792083821062455400836517930587333",
                "25560600318859282738826178730760823541",
                "151949890274368405738264940733323227710",
                "111517157919604171832862154051511733730",
                "186946793200131758406230446669087949444",
                "231908340498932204985680830449738884331",
                "276733982851640101958887049399587977834",
                "52409646378378874302404837598669487879",
                "325267583781540700421930891727650518866",
                "179070794294248912495707464144504078901",
                "290724575228841792274991027997274760601",
                "135582075576665289164256803069802857647",
                "61148287898887246067876128198305936916",
                "103409754443524787296047473229111655840",
                "277547952967127937661773808240287220118",
                "220223770543102642991906119432662197356"
            ],
            "threshold": 0.9
        },
        "id": "CVE-2025-38383-da3f0e1e"
    },
    {
        "signature_version": "v1",
        "id": "CVE-2025-38383-f8728da3",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5c966f447a584ece3c70395898231aeb56256ee7",
        "signature_type": "Function",
        "target": {
            "file": "mm/vmalloc.c",
            "function": "show_numa_info"
        },
        "deprecated": false,
        "digest": {
            "function_hash": "124670717029153768449092546212245194288",
            "length": 567.0
        }
    }
]