CVE-2025-38510

CPU0 CPU1 vmalloc(); allocvmaparea(); spinlock(&vn->busy.lock) spinlockbh(&somelock); <interrupt occurs> <in softirq> spinlock(&somelock); <access invalid address> kasanreport(); printreport(); printaddressdescription(); kasanfindvmarea(); findvmarea(); spinlock(&vn->busy.lock) // deadlock!

To prevent possible deadlock while kasan reports, remove kasanfindvm_area().

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

c056a364e9546bd513d1f5205f0ee316d8acb910

Fixed

595f78d99b9051600233c0a5c4c47e1097e6ed01

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

c056a364e9546bd513d1f5205f0ee316d8acb910

Fixed

8377d7744bdce5c4b3f1b58924eebd3fdc078dfc

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

c056a364e9546bd513d1f5205f0ee316d8acb910

Fixed

2d89dab1ea6086e6cbe6fe92531b496fb6808cb9

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

c056a364e9546bd513d1f5205f0ee316d8acb910

Fixed

0c3566d831def922cd56322c772a7b20d8b0e0c0

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

c056a364e9546bd513d1f5205f0ee316d8acb910

Fixed

6ee9b3d84775944fb8c8a447961cd01274ac671c

Affected versions

v5.*

v5.18

v5.18-rc1

v5.18-rc2

v5.18-rc3

v5.18-rc4

v5.18-rc5

v5.18-rc6

v5.18-rc7

v5.19

v5.19-rc1

v5.19-rc2

v5.19-rc3

v5.19-rc4

v5.19-rc5

v5.19-rc6

v5.19-rc7

v5.19-rc8

v6.*

v6.0

v6.0-rc1

v6.0-rc2

v6.0-rc3

v6.0-rc4

v6.0-rc5

v6.0-rc6

v6.0-rc7

v6.1

v6.1-rc1

v6.1-rc2

v6.1-rc3

v6.1-rc4

v6.1-rc5

v6.1-rc6

v6.1-rc7

v6.1-rc8

v6.1.1

v6.1.10

v6.1.100

v6.1.101

v6.1.102

v6.1.103

v6.1.104

v6.1.105

v6.1.106

v6.1.107

v6.1.108

v6.1.109

v6.1.11

v6.1.110

v6.1.111

v6.1.112

v6.1.113

v6.1.114

v6.1.115

v6.1.116

v6.1.117

v6.1.118

v6.1.119

v6.1.12

v6.1.120

v6.1.121

v6.1.122

v6.1.123

v6.1.124

v6.1.125

v6.1.126

v6.1.127

v6.1.128

v6.1.129

v6.1.13

v6.1.130

v6.1.131

v6.1.132

v6.1.133

v6.1.134

v6.1.135

v6.1.136

v6.1.137

v6.1.138

v6.1.139

v6.1.14

v6.1.140

v6.1.141

v6.1.142

v6.1.143

v6.1.144

v6.1.145

v6.1.15

v6.1.16

v6.1.17

v6.1.18

v6.1.19

v6.1.2

v6.1.20

v6.1.21

v6.1.22

v6.1.23

v6.1.24

v6.1.25

v6.1.26

v6.1.27

v6.1.28

v6.1.29

v6.1.3

v6.1.30

v6.1.31

v6.1.32

v6.1.33

v6.1.34

v6.1.35

v6.1.36

v6.1.37

v6.1.38

v6.1.39

v6.1.4

v6.1.40

v6.1.41

v6.1.42

v6.1.43

v6.1.44

v6.1.45

v6.1.46

v6.1.47

v6.1.48

v6.1.49

v6.1.5

v6.1.50

v6.1.51

v6.1.52

v6.1.53

v6.1.54

v6.1.55

v6.1.56

v6.1.57

v6.1.58

v6.1.59

v6.1.6

v6.1.60

v6.1.61

v6.1.62

v6.1.63

v6.1.64

v6.1.65

v6.1.66

v6.1.67

v6.1.68

v6.1.69

v6.1.7

v6.1.70

v6.1.71

v6.1.72

v6.1.73

v6.1.74

v6.1.75

v6.1.76

v6.1.77

v6.1.78

v6.1.79

v6.1.8

v6.1.80

v6.1.81

v6.1.82

v6.1.83

v6.1.84

v6.1.85

v6.1.86

v6.1.87

v6.1.88

v6.1.89

v6.1.9

v6.1.90

v6.1.91

v6.1.92

v6.1.93

v6.1.94

v6.1.95

v6.1.96

v6.1.97

v6.1.98

v6.1.99

v6.10

v6.10-rc1

v6.10-rc2

v6.10-rc3

v6.10-rc4

v6.10-rc5

v6.10-rc6

v6.10-rc7

v6.11

v6.11-rc1

v6.11-rc2

v6.11-rc3

v6.11-rc4

v6.11-rc5

v6.11-rc6

v6.11-rc7

v6.12

v6.12-rc1

v6.12-rc2

v6.12-rc3

v6.12-rc4

v6.12-rc5

v6.12-rc6

v6.12-rc7

v6.12.1

v6.12.10

v6.12.11

v6.12.12

v6.12.13

v6.12.14

v6.12.15

v6.12.16

v6.12.17

v6.12.18

v6.12.19

v6.12.2

v6.12.20

v6.12.21

v6.12.22

v6.12.23

v6.12.24

v6.12.25

v6.12.26

v6.12.27

v6.12.28

v6.12.29

v6.12.3

v6.12.30

v6.12.31

v6.12.32

v6.12.33

v6.12.34

v6.12.35

v6.12.36

v6.12.37

v6.12.38

v6.12.4

v6.12.5

v6.12.6

v6.12.7

v6.12.8

v6.12.9

v6.13

v6.13-rc1

v6.13-rc2

v6.13-rc3

v6.13-rc4

v6.13-rc5

v6.13-rc6

v6.13-rc7

v6.14

v6.14-rc1

v6.14-rc2

v6.14-rc3

v6.14-rc4

v6.14-rc5

v6.14-rc6

v6.14-rc7

v6.15

v6.15-rc1

v6.15-rc2

v6.15-rc3

v6.15-rc4

v6.15-rc5

v6.15-rc6

v6.15-rc7

v6.15.1

v6.15.2

v6.15.3

v6.15.4

v6.15.5

v6.15.6

v6.16-rc1

v6.16-rc2

v6.16-rc3

v6.16-rc4

v6.16-rc5

v6.2

v6.2-rc1

v6.2-rc2

v6.2-rc3

v6.2-rc4

v6.2-rc5

v6.2-rc6

v6.2-rc7

v6.2-rc8

v6.3

v6.3-rc1

v6.3-rc2

v6.3-rc3

v6.3-rc4

v6.3-rc5

v6.3-rc6

v6.3-rc7

v6.4

v6.4-rc1

v6.4-rc2

v6.4-rc3

v6.4-rc4

v6.4-rc5

v6.4-rc6

v6.4-rc7

v6.5

v6.5-rc1

v6.5-rc2

v6.5-rc3

v6.5-rc4

v6.5-rc5

v6.5-rc6

v6.5-rc7

v6.6

v6.6-rc1

v6.6-rc2

v6.6-rc3

v6.6-rc4

v6.6-rc5

v6.6-rc6

v6.6-rc7

v6.6.1

v6.6.10

v6.6.11

v6.6.12

v6.6.13

v6.6.14

v6.6.15

v6.6.16

v6.6.17

v6.6.18

v6.6.19

v6.6.2

v6.6.20

v6.6.21

v6.6.22

v6.6.23

v6.6.24

v6.6.25

v6.6.26

v6.6.27

v6.6.28

v6.6.29

v6.6.3

v6.6.30

v6.6.31

v6.6.32

v6.6.33

v6.6.34

v6.6.35

v6.6.36

v6.6.37

v6.6.38

v6.6.39

v6.6.4

v6.6.40

v6.6.41

v6.6.42

v6.6.43

v6.6.44

v6.6.45

v6.6.46

v6.6.47

v6.6.48

v6.6.49

v6.6.5

v6.6.50

v6.6.51

v6.6.52

v6.6.53

v6.6.54

v6.6.55

v6.6.56

v6.6.57

v6.6.58

v6.6.59

v6.6.6

v6.6.60

v6.6.61

v6.6.62

v6.6.63

v6.6.64

v6.6.65

v6.6.66

v6.6.67

v6.6.68

v6.6.69

v6.6.7

v6.6.70

v6.6.71

v6.6.72

v6.6.73

v6.6.74

v6.6.75

v6.6.76

v6.6.77

v6.6.78

v6.6.79

v6.6.8

v6.6.80

v6.6.81

v6.6.82

v6.6.83

v6.6.84

v6.6.85

v6.6.86

v6.6.87

v6.6.88

v6.6.89

v6.6.9

v6.6.90

v6.6.91

v6.6.92

v6.6.93

v6.6.94

v6.6.95

v6.6.96

v6.6.97

v6.6.98

v6.7

v6.7-rc1

v6.7-rc2

v6.7-rc3

v6.7-rc4

v6.7-rc5

v6.7-rc6

v6.7-rc7

v6.7-rc8

v6.8

v6.8-rc1

v6.8-rc2

v6.8-rc3

v6.8-rc4

v6.8-rc5

v6.8-rc6

v6.8-rc7

v6.9

v6.9-rc1

v6.9-rc2

v6.9-rc3

v6.9-rc4

v6.9-rc5

v6.9-rc6

v6.9-rc7

Database specific

vanir_signatures

[
    {
        "digest": {
            "length": 1047.0,
            "function_hash": "37476487589144994078351388986356549116"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6ee9b3d84775944fb8c8a447961cd01274ac671c",
        "signature_version": "v1",
        "deprecated": false,
        "target": {
            "file": "mm/kasan/report.c",
            "function": "print_address_description"
        },
        "signature_type": "Function",
        "id": "CVE-2025-38510-43ca9165"
    },
    {
        "digest": {
            "length": 266.0,
            "function_hash": "4220073102565858349552598122423791283"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6ee9b3d84775944fb8c8a447961cd01274ac671c",
        "signature_version": "v1",
        "deprecated": false,
        "target": {
            "file": "mm/kasan/report.c",
            "function": "kasan_find_vm_area"
        },
        "signature_type": "Function",
        "id": "CVE-2025-38510-4a3e8a74"
    },
    {
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "110660439622306808425907262553000710764",
                "12145944810961613077743558622958748992",
                "180899591240906204224563621015813323292",
                "248924229507607869798890641637487147888",
                "137265742362703945614487191797432298725",
                "321522613493362670082332328617349304621",
                "147494797353921414355366812958009181032",
                "34183638488614004956075239481451670235",
                "218554153510722854338838372854191273921",
                "284248322946230979236712878434032887147",
                "59915117023245444875949846511201781453",
                "53261682775688205021076615684540231393",
                "159725845304569929990564954393732446978",
                "332994144346543540626917242931822739797",
                "250504385350876330738413454111473934855",
                "215994172062309148569352752114817406664",
                "298423115297350523375254754603913157149",
                "149615672458540506783455227327402669371",
                "81728579579233882662544782198216106117",
                "193265002914535212629163356759821086753",
                "275683484673358220119725450560605857827",
                "237272846174635763936396998775842629566",
                "324312937732194187088319381417559243634",
                "30816664029633435243513936206066190136",
                "89346941853514416886341690185718836530",
                "7446526909822671199368806075096824751",
                "54736381648567955885395006789871235820"
            ]
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6ee9b3d84775944fb8c8a447961cd01274ac671c",
        "signature_version": "v1",
        "deprecated": false,
        "target": {
            "file": "mm/kasan/report.c"
        },
        "signature_type": "Line",
        "id": "CVE-2025-38510-bb6cd684"
    },
    {
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "150215298824316965723442592254048985454",
                "33542934671960268887393554232720726802",
                "30172321540796185194218569502771314137",
                "131416178729986073612358450808751615920",
                "81728579579233882662544782198216106117",
                "193265002914535212629163356759821086753",
                "275683484673358220119725450560605857827",
                "109608815217116532360214676070776491260",
                "271377275423884679014395258263563965720",
                "72278412934794839087307949539160358028",
                "54736381648567955885395006789871235820"
            ]
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2d89dab1ea6086e6cbe6fe92531b496fb6808cb9",
        "signature_version": "v1",
        "deprecated": false,
        "target": {
            "file": "mm/kasan/report.c"
        },
        "signature_type": "Line",
        "id": "CVE-2025-38510-cbccc0fc"
    },
    {
        "digest": {
            "length": 952.0,
            "function_hash": "266535789285530080788797009580526330193"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2d89dab1ea6086e6cbe6fe92531b496fb6808cb9",
        "signature_version": "v1",
        "deprecated": false,
        "target": {
            "file": "mm/kasan/report.c",
            "function": "print_address_description"
        },
        "signature_type": "Function",
        "id": "CVE-2025-38510-ebf503f7"
    },
    {
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "150215298824316965723442592254048985454",
                "33542934671960268887393554232720726802",
                "30172321540796185194218569502771314137",
                "131416178729986073612358450808751615920",
                "81728579579233882662544782198216106117",
                "193265002914535212629163356759821086753",
                "275683484673358220119725450560605857827",
                "109608815217116532360214676070776491260",
                "271377275423884679014395258263563965720",
                "72278412934794839087307949539160358028",
                "54736381648567955885395006789871235820"
            ]
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@595f78d99b9051600233c0a5c4c47e1097e6ed01",
        "signature_version": "v1",
        "deprecated": false,
        "target": {
            "file": "mm/kasan/report.c"
        },
        "signature_type": "Line",
        "id": "CVE-2025-38510-ef3de352"
    },
    {
        "digest": {
            "length": 952.0,
            "function_hash": "266535789285530080788797009580526330193"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@595f78d99b9051600233c0a5c4c47e1097e6ed01",
        "signature_version": "v1",
        "deprecated": false,
        "target": {
            "file": "mm/kasan/report.c",
            "function": "print_address_description"
        },
        "signature_type": "Function",
        "id": "CVE-2025-38510-f2123e90"
    }
]

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

5.18.0

Fixed

6.1.146

Type: ECOSYSTEM
Events: Introduced

6.2.0

Fixed

6.6.99

Type: ECOSYSTEM
Events: Introduced

6.7.0

Fixed

6.12.39

Type: ECOSYSTEM
Events: Introduced

6.13.0

Fixed

6.15.7