CVE-2025-37834: 
Linux Kernel vulnerability analysis and mitigation

A vulnerability (CVE-2025-37834) was discovered in the Linux kernel's memory management subsystem, specifically affecting the mm/vmscan component's handling of hwpoison (hardware-poisoned) folios. The issue was identified and reported through the Syzkaller kernel fuzzing tool on May 8, 2025, affecting various Linux kernel versions (NVD, Wiz).

The vulnerability occurs when a dirty swapcache page is isolated by the reclaim process and the page isn't locked during memory failure injection. When the hwpoison flag is set, the uptodate flag is cleared, but the page remains in the LRU list. This leads to a kernel BUG when attempting to reclaim the page again through addtoswap(), resulting in a NULL pointer dereference and subsequent kernel panic. The issue has been assigned a CVSS v3.1 Base Score of 7.0 with the vector string CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H (Red Hat).

When exploited, this vulnerability can lead to system instability and potential denial of service conditions. The issue causes memory pages to never be freed and remain in the LRU list indefinitely, potentially leading to memory leaks and system crashes (Wiz).

The fix involves modifying the shrinkfoliolist() function to skip hwpoisoned pages during memory reclamation. Additionally, the patch ensures that hwpoisoned folios are properly unmapped in shrinkfoliolist() if they haven't been unmapped by hwpoisonusermappings() yet (Wiz).