Wiz
Vulnerability DatabaseCVE-2025-38084

CVE-2025-38084
Linux Kernel vulnerability analysis and mitigation

Overview

CVE-2025-38084 is a vulnerability discovered in the Linux kernel affecting the memory management subsystem, specifically related to huge page table handling during VMA (Virtual Memory Area) splits. The vulnerability was disclosed on June 28, 2025 (NVD, Wiz).

Technical details

The vulnerability exists in the Linux kernel's memory management subsystem where splitvma() triggers hugetlb page table unsharing through vmops->maysplit(). The issue occurs because this operation happens before the VMA lock and rmap locks are taken, which is too early in the process. This timing allows racing VMA-locked page faults in the process and racing rmap walks from other processes to cause page tables to be shared again before the actual split is performed (NVD).

Impact

The vulnerability affects multiple versions of the Linux kernel and is currently marked as vulnerable in various distributions including bullseye, bookworm, trixie, and sid (Wiz).

Mitigation and workarounds

The fix involves explicitly calling into the hugetlb unshare logic from splitvma() in the same location where THP splitting occurs, ensuring both the VMA and the rmap(s) are write-locked during the operation (NVD).

Additional resources

SourceThis report was generated using AI

Related Linux Kernel vulnerabilities:

CVE ID

Severity

Score

Technologies

Component name

CISA KEV exploit

Has fix

Published date

CVE-2025-40344N/AN/A
  • Linux KernelLinux Kernel
  • kernel-rt-devel
NoYesDec 09, 2025
CVE-2025-40343N/AN/A
  • Linux KernelLinux Kernel
  • bpftool
NoYesDec 09, 2025
CVE-2025-40342N/AN/A
  • Linux KernelLinux Kernel
  • kernel-rt-trace
NoYesDec 09, 2025
CVE-2025-40341N/AN/A
  • Linux KernelLinux Kernel
  • kernel-headers
NoYesDec 09, 2025
CVE-2025-40340N/AN/A
  • Linux KernelLinux Kernel
  • kernel-rt-64k-debug-modules-extra
NoYesDec 09, 2025

Free Vulnerability Assessment

Benchmark your Cloud Security Posture

Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.

Request assessment

Additional Wiz resources

Cloud Vulnerability DB

Cloud Vulnerability DB

A community-led vulnerabilities database

Cloud Threat Landscape

Cloud Threat Landscape

A threat intelligence database

PEACH

PEACH

A tenant isolation framework

Get a personalized demo

Ready to see Wiz in action?

"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management
Get a demo