CVE-2025-38689

In the Linux kernel, the following vulnerability has been resolved:

x86/fpu: Fix NULL dereference in avx512_status()

Problem

With CONFIGX86DEBUGFPU enabled, reading /proc/[kthread]/archstatus causes a warning and a NULL pointer dereference.

This is because the AVX-512 timestamp code uses x86taskfpu() but doesn't check it for NULL. CONFIGX86DEBUGFPU addles that function for kernel threads (PFKTHREAD specifically), making it return NULL.

The point of the warning was to ensure that kernel threads only access task->fpu after going through kernelfpubegin()/_end(). Note: all kernel tasks exposed in /proc have a valid task->fpu.

Solution

One option is to silence the warning and check for NULL from x86taskfpu(). However, that warning is fairly fresh and seems like a defense against misuse of the FPU state in kernel threads.

Instead, stop outputting AVX-512elapsedms for kernel threads altogether. The data was garbage anyway because avx512_timestamp is only updated for user threads, not kernel threads.

If anyone ever wants to track kernel thread AVX-512 use, they can come back later and do it properly, separate from this bug fix.

[ dhansen: mostly rewrite changelog ]