CVE-2025-36000: 
IBM WebSphere Application Server vulnerability analysis and mitigation

CVE-2025-36000 is a security vulnerability discovered in the Linux kernel's management of huge pages, specifically related to a synchronization issue. The vulnerability was first reported on May 20, 2024, and affects multiple Linux distributions and enterprise systems. The issue occurs when multiple threads modify the reservation map together, particularly in a userfault context where it enters an unlikely path (Ubuntu Security).

The vulnerability stems from a missing hugetlblock implementation in the Linux kernel's huge page management system. The issue specifically manifests in the hugetlbcgroupunchargefoliorsvd() function, which updates the cgroup pointer without proper locking mechanisms. The problem was identified during UFFDIOCOPY operations over hugetlb, where the locking criteria was overlooked (Ubuntu Security).

The vulnerability affects various Linux distributions and enterprise systems, particularly impacting systems using huge pages for memory management. Several Ubuntu releases, including Ubuntu 22.04 LTS (jammy), were marked as vulnerable. The issue also affects various kernel variants including linux-azure, linux-gke, and linux-kvm (Ubuntu Security).

Several fixes have been implemented across different distributions. Ubuntu 24.04 LTS (noble) has been fixed with version 6.8.0-40.40, and similar fixes have been applied to other variants such as linux-azure (6.8.0-1012.14) and linux-gke (6.8.0-1008.11). Organizations running affected versions are advised to update to the latest patched versions (Ubuntu Security).