CVE-2025-38076

UNKNOWN 0.0

alloc_tag: allocate percpu counters for module tags dynamically

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: alloc_tag: allocate percpu counters for module tags dynamically When a module gets unloaded it checks whether any of its tags are still in use and if so, we keep the memory containing module's allocation tags alive until all tags are unused. However percpu counters referenced by the tags are freed by free_module(). This will lead to UAF if the memory allocated by a module is accessed after module was unloaded. To fix this we allocate percpu counters for module allocation tags dynamically and we keep it alive for tags which are still in use after module unloading. This also removes the requirement of a larger PERCPU_MODULE_RESERVE when memory allocation profiling is enabled because percpu memory for counters does not need to be reserved anymore.

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	Jun 18, 2025
Last Updated	May 11, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new unknown vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

0db6f8d7820a4b788565dac8eed52bfc2c3216da < 3cc733e6d96c938d2b82be96858a0ab900eb6fdc 0db6f8d7820a4b788565dac8eed52bfc2c3216da < 12ca42c237756182aad8ab04654c952765cb9061

Linux / Linux

6.13

References

NVD ↗ CVE.org ↗ EPSS Data ↗

git.kernel.org: https://git.kernel.org/stable/c/3cc733e6d96c938d2b82be96858a0ab900eb6fdc git.kernel.org: https://git.kernel.org/stable/c/12ca42c237756182aad8ab04654c952765cb9061