CVE - CVE-2025-37818

CVE-ID
CVE-2025-37818	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
In the Linux kernel, the following vulnerability has been resolved: LoongArch: Return NULL from huge_pte_offset() for invalid PMD LoongArch's huge_pte_offset() currently returns a pointer to a PMD slot even if the underlying entry points to invalid_pte_table (indicating no mapping). Callers like smaps_hugetlb_range() fetch this invalid entry value (the address of invalid_pte_table) via this pointer. The generic is_swap_pte() check then incorrectly identifies this address as a swap entry on LoongArch, because it satisfies the "!pte_present() && !pte_none()" conditions. This misinterpretation, combined with a coincidental match by is_migration_entry() on the address bits, leads to kernel crashes in pfn_swap_entry_to_page(). Fix this at the architecture level by modifying huge_pte_offset() to check the PMD entry's content using pmd_none() before returning. If the entry is invalid (i.e., it points to invalid_pte_table), return NULL instead of the pointer to the slot.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:https://git.kernel.org/stable/c/2ca9380b12711afe95b3589bd82b59623b3c96b3 URL:https://git.kernel.org/stable/c/2ca9380b12711afe95b3589bd82b59623b3c96b3 MISC:https://git.kernel.org/stable/c/34256805720993e37adf6127371a1265aea8376a URL:https://git.kernel.org/stable/c/34256805720993e37adf6127371a1265aea8376a MISC:https://git.kernel.org/stable/c/51424fd171cee6a33f01f7c66b8eb23ac42289d4 URL:https://git.kernel.org/stable/c/51424fd171cee6a33f01f7c66b8eb23ac42289d4 MISC:https://git.kernel.org/stable/c/b49f085cd671addbda4802d6b9382513f7dd0f30 URL:https://git.kernel.org/stable/c/b49f085cd671addbda4802d6b9382513f7dd0f30 MISC:https://git.kernel.org/stable/c/bd51834d1cf65a2c801295d230c220aeebf87a73 URL:https://git.kernel.org/stable/c/bd51834d1cf65a2c801295d230c220aeebf87a73
Assigning CNA
kernel.org
Date Record Created
20250416	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20250416)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)