CVE-2025-40353

Dec. 18, 2025, 3:08 p.m.

None
No Score

Description

In the Linux kernel, the following vulnerability has been resolved: arm64: mte: Do not warn if the page is already tagged in copy_highpage() The arm64 copy_highpage() assumes that the destination page is newly allocated and not MTE-tagged (PG_mte_tagged unset) and warns accordingly. However, following commit 060913999d7a ("mm: migrate: support poisoned recover from migrate folio"), folio_mc_copy() is called before __folio_migrate_mapping(). If the latter fails (-EAGAIN), the copy will be done again to the same destination page. Since copy_highpage() already set the PG_mte_tagged flag, this second copy will warn. Replace the WARN_ON_ONCE(page already tagged) in the arm64 copy_highpage() with a comment.

Product(s) Impacted

Product Versions

Weaknesses

Common security weaknesses mapped to this vulnerability.

References

https://git.kernel.org/stable/c/0bbf3fc6e9211fce9889fe8efbb89c220504d617
https://git.kernel.org/stable/c/5ff5765a1fc526f07d3bbaedb061d970eb13bcf4
https://git.kernel.org/stable/c/b98c94eed4a975e0c80b7e90a649a46967376f58

Tags

416baaa9-dc9f-4396-8d5f-8c081fb06d67
2025-12-16
CVE-2025-40353

Timeline

Published: Dec. 16, 2025, 2:15 p.m.
Last Modified: Dec. 18, 2025, 3:08 p.m.

Status : Awaiting Analysis

CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.