CVE-2025-38207Improper Update of Reference Count in Linux

CWE-911Improper Update of Reference CountCWE-120Classic Buffer Overflow7 documents6 sources
Severity
5.5MEDIUMNVD
EPSS
0.0%
top 91.90%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
10
LinuxLinux KernelDebian Linux+7 more
Timeline
PublishedJul 4
Latest updateJul 8

Description

In the Linux kernel, the following vulnerability has been resolved: mm: fix uprobe pte be overwritten when expanding vma Patch series "Fix uprobe pte be overwritten when expanding vma". This patch (of 4): We encountered a BUG alert triggered by Syzkaller as follows: BUG: Bad rss-counter state mm:00000000b4a60fca type:MM_ANONPAGES val:1 And we can reproduce it with the following steps: 1. register uprobe on file at zero offset 2. mmap the file at zero offset: addr1 = mmap(NULL, 2 * 4096, PR

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages11 packages

NVDlinux/linux_kernel3.56.15.4
Debianlinux/linux_kernel< 6.16.3-1

Patches

Patch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

2
GHSA
GHSA-r267-h4hp-p29f: In the Linux kernel, the following vulnerability has been resolved: mm: fix uprobe pte be overwritten when expanding vma Patch series "Fix uprobe pt2025-07-04
OSV
CVE-2025-38207: In the Linux kernel, the following vulnerability has been resolved: mm: fix uprobe pte be overwritten when expanding vma Patch series "Fix uprobe pte2025-07-04

📋Vendor Advisories

4
Microsoft
mm: fix uprobe pte be overwritten when expanding vma2025-07-08
Red Hat
kernel: mm: fix uprobe pte be overwritten when expanding vma2025-07-04
Debian
CVE-2025-38207: linux - In the Linux kernel, the following vulnerability has been resolved: mm: fix upr...2025
Microsoft
drivers/net/ethernet/xilinx/ll_temac_main.c in the Linux kernel before 5.12.13 allows remote attackers to cause a denial of service (buffer overflow and lockup) by sending heavy network traffic for ab2021-08-10