{"id":"CVE-2025-39700","summary":"mm/damon/ops-common: ignore migration request to invalid nodes","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nmm/damon/ops-common: ignore migration request to invalid nodes\n\ndamon_migrate_pages() tries migration even if the target node is invalid. \nIf users mistakenly make such invalid requests via\nDAMOS_MIGRATE_{HOT,COLD} action, the below kernel BUG can happen.\n\n    [ 7831.883495] BUG: unable to handle page fault for address: 0000000000001f48\n    [ 7831.884160] #PF: supervisor read access in kernel mode\n    [ 7831.884681] #PF: error_code(0x0000) - not-present page\n    [ 7831.885203] PGD 0 P4D 0\n    [ 7831.885468] Oops: Oops: 0000 [#1] SMP PTI\n    [ 7831.885852] CPU: 31 UID: 0 PID: 94202 Comm: kdamond.0 Not tainted 6.16.0-rc5-mm-new-damon+ #93 PREEMPT(voluntary)\n    [ 7831.886913] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-4.el9 04/01/2014\n    [ 7831.887777] RIP: 0010:__alloc_frozen_pages_noprof (include/linux/mmzone.h:1724 include/linux/mmzone.h:1750 mm/page_alloc.c:4936 mm/page_alloc.c:5137)\n    [...]\n    [ 7831.895953] Call Trace:\n    [ 7831.896195]  \u003cTASK\u003e\n    [ 7831.896397] __folio_alloc_noprof (mm/page_alloc.c:5183 mm/page_alloc.c:5192)\n    [ 7831.896787] migrate_pages_batch (mm/migrate.c:1189 mm/migrate.c:1851)\n    [ 7831.897228] ? __pfx_alloc_migration_target (mm/migrate.c:2137)\n    [ 7831.897735] migrate_pages (mm/migrate.c:2078)\n    [ 7831.898141] ? __pfx_alloc_migration_target (mm/migrate.c:2137)\n    [ 7831.898664] damon_migrate_folio_list (mm/damon/ops-common.c:321 mm/damon/ops-common.c:354)\n    [ 7831.899140] damon_migrate_pages (mm/damon/ops-common.c:405)\n    [...]\n\nAdd a target node validity check in damon_migrate_pages().  The validity\ncheck is stolen from that of do_pages_move(), which is being used for the\nmove_pages() system call.","modified":"2026-03-20T12:43:00.831613Z","published":"2025-09-05T17:21:06.479Z","related":["SUSE-SU-2025:21074-1","SUSE-SU-2025:21139-1","SUSE-SU-2025:21179-1","openSUSE-SU-2025:20081-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/39xxx/CVE-2025-39700.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/7c303fa1f311aadc17fa82b7bbf776412adf45de"},{"type":"WEB","url":"https://git.kernel.org/stable/c/7e6c3130690a01076efdf45aa02ba5d5c16849a0"},{"type":"WEB","url":"https://git.kernel.org/stable/c/9d0c2d15aff96746f99a7c97221bb8ce5b62db19"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/39xxx/CVE-2025-39700.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-39700"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"b51820ebea656be3b48bb16dcdc5ad3f203c4fd7"},{"fixed":"7c303fa1f311aadc17fa82b7bbf776412adf45de"},{"fixed":"9d0c2d15aff96746f99a7c97221bb8ce5b62db19"},{"fixed":"7e6c3130690a01076efdf45aa02ba5d5c16849a0"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-39700.json"}}],"schema_version":"1.7.5"}