{"id":"CVE-2025-38510","summary":"kasan: remove kasan_find_vm_area() to prevent possible deadlock","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nkasan: remove kasan_find_vm_area() to prevent possible deadlock\n\nfind_vm_area() couldn't be called in atomic_context.  If find_vm_area() is\ncalled to reports vm area information, kasan can trigger deadlock like:\n\nCPU0                                CPU1\nvmalloc();\n alloc_vmap_area();\n  spin_lock(&vn-\u003ebusy.lock)\n                                    spin_lock_bh(&some_lock);\n   \u003cinterrupt occurs\u003e\n   \u003cin softirq\u003e\n   spin_lock(&some_lock);\n                                    \u003caccess invalid address\u003e\n                                    kasan_report();\n                                     print_report();\n                                      print_address_description();\n                                       kasan_find_vm_area();\n                                        find_vm_area();\n                                         spin_lock(&vn-\u003ebusy.lock) // deadlock!\n\nTo prevent possible deadlock while kasan reports, remove kasan_find_vm_area().","modified":"2026-03-20T12:42:53.981514Z","published":"2025-08-16T10:54:52.438Z","related":["SUSE-SU-2025:03272-1","SUSE-SU-2025:03290-1","SUSE-SU-2025:03301-1","SUSE-SU-2025:03382-1","SUSE-SU-2025:03602-1","SUSE-SU-2025:03633-1","SUSE-SU-2025:03634-1","SUSE-SU-2025:20653-1","SUSE-SU-2025:20669-1","SUSE-SU-2025:20739-1","SUSE-SU-2025:20756-1","SUSE-SU-2026:20555-1","SUSE-SU-2026:20599-1","SUSE-SU-2026:20615-1","openSUSE-SU-2026:20287-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38510.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/0c3566d831def922cd56322c772a7b20d8b0e0c0"},{"type":"WEB","url":"https://git.kernel.org/stable/c/2d89dab1ea6086e6cbe6fe92531b496fb6808cb9"},{"type":"WEB","url":"https://git.kernel.org/stable/c/595f78d99b9051600233c0a5c4c47e1097e6ed01"},{"type":"WEB","url":"https://git.kernel.org/stable/c/6ee9b3d84775944fb8c8a447961cd01274ac671c"},{"type":"WEB","url":"https://git.kernel.org/stable/c/8377d7744bdce5c4b3f1b58924eebd3fdc078dfc"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38510.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38510"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"c056a364e9546bd513d1f5205f0ee316d8acb910"},{"fixed":"595f78d99b9051600233c0a5c4c47e1097e6ed01"},{"fixed":"8377d7744bdce5c4b3f1b58924eebd3fdc078dfc"},{"fixed":"2d89dab1ea6086e6cbe6fe92531b496fb6808cb9"},{"fixed":"0c3566d831def922cd56322c772a7b20d8b0e0c0"},{"fixed":"6ee9b3d84775944fb8c8a447961cd01274ac671c"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38510.json"}}],"schema_version":"1.7.5"}