Import Source
https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-65792.json
JSON Data
https://api.test.osv.dev/v1/vulns/AZL-65792
Upstream
Published
2025-07-25T13:15:25Z
Modified
2026-04-01T05:20:39.254874Z
Summary
CVE-2025-38364 affecting package kernel for versions less than 6.6.104.2-1
Details

In the Linux kernel, the following vulnerability has been resolved:

maple_tree: fix MA_STATE_PREALLOC flag in mas_preallocate()

Temporarily clear the preallocation flag when explicitly requesting allocations. Pre-existing allocations are already counted against the request through mas_node_count_gfp(), but the allocations will not happen if the MA_STATE_PREALLOC flag is set. This flag is meant to avoid re-allocating in bulk allocation mode, and to detect issues with preallocation calculations.

The MA_STATE_PREALLOC flag should also always be set on zero allocations so that detection of underflow allocations will print a WARN_ON() during consumption.

User visible effect of this flaw is a WARN_ON() followed by a null pointer dereference when subsequent requests for larger number of nodes is ignored, such as the vma merge retry in mmap_region() caused by drivers altering the vma flags (which happens in v6.6, at least)

References

Affected packages

Azure Linux:3 / kernel

Package

Name
kernel
Purl
pkg:rpm/azure-linux/kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
6.6.104.2-1

Database specific

source
"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-65792.json"