CVE-2025-38359: 
Linux Kernel vulnerability analysis and mitigation

A vulnerability was discovered in the Linux kernel affecting the s390/mm subsystem, specifically in the handling of inatomic() within the dosecurestorageaccess() function. The vulnerability was assigned CVE-2025-38359 and was disclosed on July 25, 2025. This issue affects the Linux kernel's memory management functionality on s390 architecture systems (NVD).

The vulnerability stems from incorrect handling of page faults in atomic context when accessing non-exported pages. Specifically, kernel user space accesses to not exported pages in atomic context incorrectly attempt to resolve page faults. The issue manifests when trying to take the mmap_lock while in atomic context, which is not allowed. This can result in sleeping function calls from invalid contexts, as evidenced by debug traces showing BUG warnings at kernel/locking/rwsem.c:1523 (NVD).

When triggered, the vulnerability can cause system instability due to improper handling of page faults in atomic context. The issue specifically affects systems running the Linux kernel on s390 architecture, particularly in environments where secure storage access operations are performed (NVD).

The fix involves handling secure storage access faults as if the accessed page is not mapped when in atomic context. In such cases, the uaccess function will return -EFAULT, and the caller must handle this condition appropriately. This typically results in the access being retried in process context, where page fault resolution is allowed (NVD).