ACK: Re: [SRU][N][PATCH 0/1] CVE-2025-37958
Paolo Pisati
paolo.pisati at canonical.com
Thu Oct 16 09:36:59 UTC 2025
On Wed, Oct 15, 2025 at 02:32:58PM +0200, Massimiliano Pellizzer wrote:
> https://ubuntu.com/security/CVE-2025-37958
>
> [ Impact ]
>
> mm/huge_memory: fix dereferencing invalid pmd migration entry
>
> When migrating a THP, concurrent access to the PMD migration entry during
> a deferred split scan can lead to an invalid address access.
> To prevent this invalid access, it is necessary to
> check the PMD migration entry and return early.
>
> [ Fix ]
>
> Backport the following fix commit from upstream:
> be6e843fc51a mm/huge_memory: fix dereferencing invalid pmd migration entry
>
> [ Test Plan ]
>
> Compile and boot tested.
> Stress tested memory subsystem:
> $ sudo stress-ng --class memory --sequential 4 --timeout 30 --metrics-brief
> ...
> stress-ng: info: [1072] passed: 212: ...
> stress-ng: info: [1072] failed: 0
> stress-ng: info: [1072] metrics untrustworthy: 0
> stress-ng: info: [1072] successful run completed in 26 mins, 34.97 secs
>
>
> [ Regression Potential ]
>
> The fix modifies THP splitting and deferred-split handling to skip PMD
> migration entries. An issue with this patch may cause legitimate PMDs to
> be misclassified and skipped, increasing fragmentation and reclaim
> latency.
>
> [ Other Info ]
>
> Questing not affected.
> Plucky and Jammy fixed through stable updates.
>
> Gavin Guo (1):
> mm/huge_memory: fix dereferencing invalid pmd migration entry
>
> mm/huge_memory.c | 11 ++++++-----
> 1 file changed, 6 insertions(+), 5 deletions(-)
Acked-by: Paolo Pisati <paolo.pisati at canonical.com>
--
bye,
p.
More information about the kernel-team
mailing list