CVE-2025-38359 — Improper Locking in Linux
Severity
5.5MEDIUMNVD
OSV5.6
EPSS
0.0%
top 95.34%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJul 25
Latest updateNov 4
Description
In the Linux kernel, the following vulnerability has been resolved:
s390/mm: Fix in_atomic() handling in do_secure_storage_access()
Kernel user spaces accesses to not exported pages in atomic context
incorrectly try to resolve the page fault.
With debug options enabled call traces like this can be seen:
BUG: sleeping function called from invalid context at kernel/locking/rwsem.c:1523
in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 419074, name: qemu-system-s39
preempt_count: 1, expecte…
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6