CVE-2025-40353
- Source
- https://cve.org/CVERecord?id=CVE-2025-40353
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-40353.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2025-40353
- Downstream
- Published
- 2025-12-16T13:30:26.273Z
- Modified
- 2026-01-02T20:52:24.611797Z
- Summary
- arm64: mte: Do not warn if the page is already tagged in copy_highpage()
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
arm64: mte: Do not warn if the page is already tagged in copy_highpage()
The arm64 copyhighpage() assumes that the destination page is newly allocated and not MTE-tagged (PGmtetagged unset) and warns accordingly. However, following commit 060913999d7a ("mm: migrate: support poisoned recover from migrate folio"), foliomccopy() is called before _foliomigratemapping(). If the latter fails (-EAGAIN), the copy will be done again to the same destination page. Since copyhighpage() already set the PGmte_tagged flag, this second copy will warn.
Replace the WARNONONCE(page already tagged) in the arm64 copy_highpage() with a comment.
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/40xxx/CVE-2025-40353.json" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/0bbf3fc6e9211fce9889fe8efbb89c220504d617
- https://git.kernel.org/stable/c/5ff5765a1fc526f07d3bbaedb061d970eb13bcf4
- https://git.kernel.org/stable/c/b98c94eed4a975e0c80b7e90a649a46967376f58
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/40xxx/CVE-2025-40353.json
- https://nvd.nist.gov/vuln/detail/CVE-2025-40353
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced060913999d7a9e50c283fdb15253fc27974ddadcFixed5ff5765a1fc526f07d3bbaedb061d970eb13bcf4Fixed0bbf3fc6e9211fce9889fe8efbb89c220504d617Fixedb98c94eed4a975e0c80b7e90a649a46967376f58
Affected versions
v6.*
v6.10
v6.10-rc7
v6.11
v6.11-rc1
v6.11-rc2
v6.11-rc3
v6.11-rc4
v6.11-rc5
v6.11-rc6
v6.11-rc7
v6.12
v6.12-rc1
v6.12-rc2
v6.12-rc3
v6.12-rc4
v6.12-rc5
v6.12-rc6
v6.12-rc7
v6.12.1
v6.12.10
v6.12.11
v6.12.12
v6.12.13
v6.12.14
v6.12.15
v6.12.16
v6.12.17
v6.12.18
v6.12.19
v6.12.2
v6.12.20
v6.12.21
v6.12.22
v6.12.23
v6.12.24
v6.12.25
v6.12.26
v6.12.27
v6.12.28
v6.12.29
v6.12.3
v6.12.30
v6.12.31
v6.12.32
v6.12.33
v6.12.34
v6.12.35
v6.12.36
v6.12.37
v6.12.38
v6.12.39
v6.12.4
v6.12.40
v6.12.41
v6.12.42
v6.12.43
v6.12.44
v6.12.45
v6.12.46
v6.12.47
v6.12.48
v6.12.49
v6.12.5
v6.12.50
v6.12.51
v6.12.52
v6.12.53
v6.12.54
v6.12.55
v6.12.6
v6.12.7
v6.12.8
v6.12.9
v6.13
v6.13-rc1
v6.13-rc2
v6.13-rc3
v6.13-rc4
v6.13-rc5
v6.13-rc6
v6.13-rc7
v6.14
v6.14-rc1
v6.14-rc2
v6.14-rc3
v6.14-rc4
v6.14-rc5
v6.14-rc6
v6.14-rc7
v6.15
v6.15-rc1
v6.15-rc2
v6.15-rc3
v6.15-rc4
v6.15-rc5
v6.15-rc6
v6.15-rc7
v6.16
v6.16-rc1
v6.16-rc2
v6.16-rc3
v6.16-rc4
v6.16-rc5
v6.16-rc6
v6.16-rc7
v6.17
v6.17-rc1
v6.17-rc2
v6.17-rc3
v6.17-rc4
v6.17-rc5
v6.17-rc6
v6.17-rc7
v6.17.1
v6.17.2
v6.17.3
v6.17.4
v6.17.5
v6.18-rc1