CVE-2025-38202
published 2025-07-04CVE-2025-38202: In the Linux kernel, the following vulnerability has been resolved: bpf: Check rcu_read_lock_trace_held() in bpf_map_lookup_percpu_elem()…
medium5.5CVSS 3.1
AVLACLPRLUINSUCNINAH
In the Linux kernel, the following vulnerability has been resolved:
bpf: Check rcu_read_lock_trace_held() in bpf_map_lookup_percpu_elem()
bpf_map_lookup_percpu_elem() helper is also available for sleepable bpf
program. When BPF JIT is disabled or under 32-bit host,
bpf_map_lookup_percpu_elem() will not be inlined. Using it in a
sleepable bpf program will trigger the warning in
bpf_map_lookup_percpu_elem(), because the bpf program only holds
rcu_read_lock_trace lock. Therefore, add the missed check.
Affected
29 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | linux | < linux 6.1.147-1 (bookworm) | linux 6.1.147-1 (bookworm) |
| debian | linux-6.1 | < linux 6.1.147-1 (bookworm) | linux 6.1.147-1 (bookworm) |
| linux | linux | — | — |
| linux | linux | >= 07343110b293456d30393e89b86c4dee1ac051c8 < 2f8c69a72e8ad87b36b8052f789da3cc2b2e186c | 2f8c69a72e8ad87b36b8052f789da3cc2b2e186c |
| linux | linux | >= 07343110b293456d30393e89b86c4dee1ac051c8 < 7bf4461f1c97207fda757014690d55a447ce859f | 7bf4461f1c97207fda757014690d55a447ce859f |
| linux | linux | >= 07343110b293456d30393e89b86c4dee1ac051c8 < 2d834477bbc1e8b8a59ff8b0c081529d6bed7b22 | 2d834477bbc1e8b8a59ff8b0c081529d6bed7b22 |
| linux | linux | >= 07343110b293456d30393e89b86c4dee1ac051c8 < b522d4d334f206284b1a44b0b0b2f99fd443b39b | b522d4d334f206284b1a44b0b0b2f99fd443b39b |
| linux | linux | >= 07343110b293456d30393e89b86c4dee1ac051c8 < d4965578267e2e81f67c86e2608481e77e9c8569 | d4965578267e2e81f67c86e2608481e77e9c8569 |
| linux | linux_kernel | >= 0 < 6.1.147-1 | 6.1.147-1 |
| linux | linux_kernel | >= 0 < 6.12.35-1 | 6.12.35-1 |
| linux | linux_kernel | >= 0 < 6.12.35-1 | 6.12.35-1 |
| linux | linux_kernel | >= 0 < 6.8.0-100.100 | 6.8.0-100.100 |
| linux | linux_kernel | >= 5.19 < 6.1.142 | 6.1.142 |
| linux | linux_kernel | >= 6.13 < 6.15.4 | 6.15.4 |
| linux | linux_kernel | >= 6.2 < 6.6.95 | 6.6.95 |
| linux | linux_kernel | >= 6.7 < 6.12.35 | 6.12.35 |
| msrc | azl3_kernel_6.6.92.2-2_on_azure_linux_3.0 | — | — |
| msrc | cbl2_kernel_5.10.78.1-1_on_cbl_mariner_2.0 | — | — |
| msrc | cm1_kernel_5.10.60.1-1_on_cbl_mariner_1.0 | — | — |
| ubuntu | linux-aws | — | — |
| ubuntu | linux-aws-6.8 | — | — |
| ubuntu | linux-gkeop | — | — |
| ubuntu | linux-nvidia | — | — |
| ubuntu | linux-nvidia-6.8 | — | — |
CVSS provenance
nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
osv5.6MEDIUM