CVE-2025-40218

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
04/12/2025
Last modified:
04/12/2025

Description

In the Linux kernel, the following vulnerability has been resolved:

mm/damon/vaddr: do not repeat pte_offset_map_lock() until success

DAMON's virtual address space operation set implementation (vaddr) calls pte_offset_map_lock() inside the page table walk callback function. This is for reading and writing page table accessed bits. If pte_offset_map_lock() fails, it retries by returning the page table walk callback function with ACTION_AGAIN.

pte_offset_map_lock() can continuously fail if the target is a pmd migration entry, though. Hence it could cause an infinite page table walk if the migration cannot be done until the page table walk is finished. This indeed caused a soft lockup when CPU hotplugging and DAMON were running in parallel.

Avoid the infinite loop by simply not retrying the page table walk. DAMON is promising only a best-effort accuracy, so missing access to such pages is no problem.
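The retry loop described above, as a user-space model added here for illustration; it is not kernel code and not the actual patch. The names model_pte_map_lock, cb_retry, cb_skip, walk_range and the budget parameter (standing in for the soft-lockup watchdog) are assumptions of the model.

```c
#include <stdbool.h>
#include <stdio.h>

/* User-space model only: identifiers mirror the description, not kernel APIs. */
enum walk_action { ACTION_CONTINUE, ACTION_AGAIN };
enum pmd_state { PMD_TABLE, PMD_MIGRATION };
struct walk { enum walk_action action; unsigned long sampled; };
typedef void (*walk_cb)(enum pmd_state, struct walk *);

/* Stand-in for pte_offset_map_lock(): fails while the pmd is a migration entry. */
static bool model_pte_map_lock(enum pmd_state s) { return s == PMD_TABLE; }

/* Behaviour before the fix: on failure, ask the walker to call us again. */
static void cb_retry(enum pmd_state s, struct walk *w)
{
    if (!model_pte_map_lock(s)) { w->action = ACTION_AGAIN; return; }
    w->sampled++;
}

/* Behaviour after the fix: skip the entry and accept the missed sample. */
static void cb_skip(enum pmd_state s, struct walk *w)
{
    if (!model_pte_map_lock(s)) return;
    w->sampled++;
}

/* Walker that re-invokes the callback while it requests ACTION_AGAIN.
 * The migration entry never resolves during the walk, as in the report.
 * Returns the number of callback invocations, or -1 once `budget` is
 * exhausted (the model's equivalent of a soft lockup). */
static long walk_range(const enum pmd_state *pmds, int n, walk_cb cb,
                       struct walk *w, long budget)
{
    long calls = 0;
    for (int i = 0; i < n; i++) {
        do {
            if (calls++ >= budget) return -1;
            w->action = ACTION_CONTINUE;
            cb(pmds[i], w);
        } while (w->action == ACTION_AGAIN);
    }
    return calls;
}

int main(void)
{
    enum pmd_state pmds[] = { PMD_TABLE, PMD_MIGRATION, PMD_TABLE }; /* constructed */
    struct walk a = { ACTION_CONTINUE, 0 }, b = { ACTION_CONTINUE, 0 };
    printf("retry: %ld\n", walk_range(pmds, 3, cb_retry, &a, 1000));
    printf("skip:  %ld (sampled %lu)\n", walk_range(pmds, 3, cb_skip, &b, 1000), b.sampled);
    return 0;
}
```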

Impact