{"id":"AZL-65925","summary":"CVE-2025-38496 affecting package kernel for versions less than 6.6.104.2-1","details":"In the Linux kernel, the following vulnerability has been resolved:\n\ndm-bufio: fix sched in atomic context\n\nIf \"try_verify_in_tasklet\" is set for dm-verity, DM_BUFIO_CLIENT_NO_SLEEP\nis enabled for dm-bufio. However, when bufio tries to evict buffers, there\nis a chance to trigger scheduling in spin_lock_bh, the following warning\nis hit:\n\nBUG: sleeping function called from invalid context at drivers/md/dm-bufio.c:2745\nin_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 123, name: kworker/2:2\npreempt_count: 201, expected: 0\nRCU nest depth: 0, expected: 0\n4 locks held by kworker/2:2/123:\n #0: ffff88800a2d1548 ((wq_completion)dm_bufio_cache){....}-{0:0}, at: process_one_work+0xe46/0x1970\n #1: ffffc90000d97d20 ((work_completion)(&dm_bufio_replacement_work)){....}-{0:0}, at: process_one_work+0x763/0x1970\n #2: ffffffff8555b528 (dm_bufio_clients_lock){....}-{3:3}, at: do_global_cleanup+0x1ce/0x710\n #3: ffff88801d5820b8 (&c-\u003espinlock){....}-{2:2}, at: do_global_cleanup+0x2a5/0x710\nPreemption disabled at:\n[\u003c0000000000000000\u003e] 0x0\nCPU: 2 UID: 0 PID: 123 Comm: kworker/2:2 Not tainted 6.16.0-rc3-g90548c634bd0 #305 PREEMPT(voluntary)\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014\nWorkqueue: dm_bufio_cache do_global_cleanup\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x53/0x70\n __might_resched+0x360/0x4e0\n do_global_cleanup+0x2f5/0x710\n process_one_work+0x7db/0x1970\n worker_thread+0x518/0xea0\n kthread+0x359/0x690\n ret_from_fork+0xf3/0x1b0\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\nThat can be reproduced by:\n\n  veritysetup format --data-block-size=4096 --hash-block-size=4096 /dev/vda /dev/vdb\n  SIZE=$(blockdev --getsz /dev/vda)\n  dmsetup create myverity -r --table \"0 $SIZE verity 1 /dev/vda /dev/vdb 4096 4096 \u003cdata_blocks\u003e 1 sha256 \u003croot_hash\u003e \u003csalt\u003e 1 try_verify_in_tasklet\"\n  mount /dev/dm-0 /mnt -o ro\n  echo 102400 \u003e /sys/module/dm_bufio/parameters/max_cache_size_bytes\n  [read files in /mnt]","modified":"2026-04-01T05:20:53.918763Z","published":"2025-07-28T12:15:31Z","upstream":["CVE-2025-38496"],"references":[{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38496"}],"affected":[{"package":{"name":"kernel","ecosystem":"Azure Linux:3","purl":"pkg:rpm/azure-linux/kernel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.6.104.2-1"}]}],"database_specific":{"source":"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-65925.json"}}],"schema_version":"1.7.5"}