CVE-2025-38681Race Condition in Linux

CWE-362Race ConditionCWE-366Race Condition within a Thread30 documents8 sources
Severity
4.7MEDIUMNVD
EPSS
0.0%
top 98.11%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedSep 4
Latest updateMar 25

Description

In the Linux kernel, the following vulnerability has been resolved: mm/ptdump: take the memory hotplug lock inside ptdump_walk_pgd() Memory hot remove unmaps and tears down various kernel page table regions as required. The ptdump code can race with concurrent modifications of the kernel page tables. When leaf entries are modified concurrently, the dump code may log stale or inconsistent information for a VA range, but this is otherwise not harmful. But when intermediate levels of kernel page

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.0 | Impact: 3.6

Affected Packages3 packages

NVDlinux/linux_kernel5.75.10.241+6
Debianlinux/linux_kernel< 5.10.244-1+3
CVEListV5linux/linuxbbd6ec605c0fc286c3f8ce60b4ed44635361d58b3ee9a8c27bfd72c3f465004fa8455785d61be5e8+8

Also affects: Debian Linux 11.0

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

3
GHSA
GHSA-vmx6-h5gh-r675: In the Linux kernel, the following vulnerability has been resolved: mm/ptdump: take the memory hotplug lock inside ptdump_walk_pgd() Memory hot remo2025-09-05
CVEList
mm/ptdump: take the memory hotplug lock inside ptdump_walk_pgd()2025-09-04
OSV
CVE-2025-38681: In the Linux kernel, the following vulnerability has been resolved: mm/ptdump: take the memory hotplug lock inside ptdump_walk_pgd() Memory hot remove2025-09-04

📋Vendor Advisories

26
Ubuntu
Linux kernel (Azure) vulnerabilities2026-03-25
Ubuntu
Linux kernel (Azure) vulnerabilities2026-03-04
Ubuntu
Linux kernel (Azure FIPS) vulnerabilities2026-03-04
Ubuntu
Linux kernel (Xilinx) vulnerabilities2026-02-24
Ubuntu
Linux kernel (IBM) vulnerabilities2026-02-24
CVE-2025-38681 — Race Condition in Linux | cvebase