vulnerability
Ubuntu: (CVE-2025-38195): linux vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:L/Au:S/C:N/I:N/A:C) | Jul 4, 2025 | Jul 9, 2025 | Oct 24, 2025 |
Description
In the Linux kernel, the following vulnerability has been resolved:
LoongArch: Fix panic caused by NULL-PMD in huge_pte_offset()
ERROR INFO:
CPU 25 Unable to handle kernel paging request at virtual address 0x0
...
Call Trace:
[<900000000023c30c>] huge_pte_offset+0x3c/0x58
[<900000000057fd4c>] hugetlb_follow_page_mask+0x74/0x438
[<900000000051fee8>] __get_user_pages+0xe0/0x4c8
[<9000000000522414>] faultin_page_range+0x84/0x380
[<9000000000564e8c>] madvise_vma_behavior+0x534/0xa48
[<900000000056689c>] do_madvise+0x1bc/0x3e8
[<9000000000566df4>] sys_madvise+0x24/0x38
[<90000000015b9e88>] do_syscall+0x78/0x98
[<9000000000221f18>] handle_syscall+0xb8/0x158
In some cases, pmd may be NULL and rely on NULL as the return value for
processing, so it is necessary to determine this situation here.
Solution
References
- CVE-2025-38195
- https://attackerkb.com/topics/CVE-2025-38195
- URL-https://git.kernel.org/linus/ee084fa96123ede8b0563a1b5a9b23adc43cd50d
- URL-https://git.kernel.org/stable/c/985f086f281b7bbb6644851e63af1a17ffff9277
- URL-https://git.kernel.org/stable/c/b427d98d55217b53c88643579fbbd8a4c351a105
- URL-https://git.kernel.org/stable/c/b5c7397b7fd125203c60b59860c168ee92291272
- URL-https://git.kernel.org/stable/c/ee084fa96123ede8b0563a1b5a9b23adc43cd50d
- URL-https://www.cve.org/CVERecord?id=CVE-2025-38195
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.