CVE-2025-38285
published 2025-07-10CVE-2025-38285: In the Linux kernel, the following vulnerability has been resolved: bpf: Fix WARN() in get_bpf_raw_tp_regs syzkaller reported an issue: WARNING: CPU: 3 PID…
medium5.5CVSS 3.1
AVLACLPRLUINSUCNINAH
In the Linux kernel, the following vulnerability has been resolved:
bpf: Fix WARN() in get_bpf_raw_tp_regs
syzkaller reported an issue:
WARNING: CPU: 3 PID: 5971 at kernel/trace/bpf_trace.c:1861 get_bpf_raw_tp_regs+0xa4/0x100 kernel/trace/bpf_trace.c:1861
Modules linked in:
CPU: 3 UID: 0 PID: 5971 Comm: syz-executor205 Not tainted 6.15.0-rc5-syzkaller-00038-g707df3375124 #0 PREEMPT(full)
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
RIP: 0010:get_bpf_raw_tp_regs+0xa4/0x100 kernel/trace/bpf_trace.c:1861
RSP: 0018:ffffc90003636fa8 EFLAGS: 00010293
RAX: 0000000000000000 RBX: 0000000000000003 RCX: ffffffff81c6bc4c
RDX: ffff888032efc880 RSI: ffffffff81c6bc83 RDI: 0000000000000005
RBP: ffff88806a730860 R08: 0000000000000005 R09: 0000000000000003
R10: 0000000000000004 R11: 0000000000000000 R12: 0000000000000004
R13: 0000000000000001 R14: ffffc90003637008 R15: 0000000000000900
FS: 0000000000000000(0000) GS:ffff8880d6cdf000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f7baee09130 CR3: 0000000029f5a000 CR4: 0000000000352ef0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
____bpf_get_stack_raw_tp kernel/trace/bpf_trace.c:1934 [inline]
bpf_get_stack_raw_tp+0x24/0x160 kernel/trace/bpf_trace.c:1931
bpf_prog_ec3b2eefa702d8d3+0x43/0x47
bpf_dispatcher_nop_func include/linux/bpf.h:1316 [inline]
__bpf_prog_run include/linux/filter.h:718 [inline]
bpf_prog_run include/linux/filter.h:725 [inline]
__bpf_trace_run kernel/trace/bpf_trace.c:2363 [inline]
bpf_trace_run3+0x23f/0x5a0 kernel/trace/bpf_trace.c:2405
__bpf_trace_mmap_lock_acquire_returned+0xfc/0x140 include/trace/events/mmap_lock.h:47
__traceiter_mmap_lock_acquire_returned+0x79/0xc0 include/trace/events/mmap_lock.h:47
__do_trace_mmap_lock_acquire_returned include/trace/events/mmap_lock.h:47 [inline]
trace_mmap_lock_acquire_returned include
Affected
43 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | linux | < linux 6.1.147-1 (bookworm) | linux 6.1.147-1 (bookworm) |
| debian | linux-6.1 | < linux 6.1.147-1 (bookworm) | linux 6.1.147-1 (bookworm) |
| linux | linux | — | — |
| linux | linux | — | — |
| linux | linux | — | — |
| linux | linux | >= 4.19.57 < 4.20 | 4.20 |
| linux | linux | >= 5.1.16 < 5.2 | 5.2 |
| linux | linux | >= 9594dc3c7e71b9f52bee1d7852eb3d4e3aea9e99 < 44ebe361abb322d2afd77930fa767a99f271c4d1 | 44ebe361abb322d2afd77930fa767a99f271c4d1 |
| linux | linux | >= 9594dc3c7e71b9f52bee1d7852eb3d4e3aea9e99 < 147ea936fc6fa8fe0c93f0df918803a5375ca535 | 147ea936fc6fa8fe0c93f0df918803a5375ca535 |
| linux | linux | >= 9594dc3c7e71b9f52bee1d7852eb3d4e3aea9e99 < ee90be48edb3dac612e0b7f5332482a9e8be2696 | ee90be48edb3dac612e0b7f5332482a9e8be2696 |
| linux | linux | >= 9594dc3c7e71b9f52bee1d7852eb3d4e3aea9e99 < e167414beabb1e941fe563a96becc98627d5bdf6 | e167414beabb1e941fe563a96becc98627d5bdf6 |
| linux | linux | >= 9594dc3c7e71b9f52bee1d7852eb3d4e3aea9e99 < 6d8f39875a10a194051c3eaefebc7ac06a34aaf3 | 6d8f39875a10a194051c3eaefebc7ac06a34aaf3 |
| linux | linux | >= 9594dc3c7e71b9f52bee1d7852eb3d4e3aea9e99 < c98cdf6795a36bca163ebb40411fef1687b9eb13 | c98cdf6795a36bca163ebb40411fef1687b9eb13 |
| linux | linux | >= 9594dc3c7e71b9f52bee1d7852eb3d4e3aea9e99 < 18e8cbbae79cb35bdce8a01c889827b9799c762e | 18e8cbbae79cb35bdce8a01c889827b9799c762e |
| linux | linux | >= 9594dc3c7e71b9f52bee1d7852eb3d4e3aea9e99 < 3880cdbed1c4607e378f58fa924c5d6df900d1d3 | 3880cdbed1c4607e378f58fa924c5d6df900d1d3 |
| linux | linux_kernel | — | — |
| linux | linux_kernel | >= 0 < 5.10.244-1 | 5.10.244-1 |
| linux | linux_kernel | >= 0 < 6.1.147-1 | 6.1.147-1 |
| linux | linux_kernel | >= 0 < 6.12.35-1 | 6.12.35-1 |
| linux | linux_kernel | >= 0 < 6.12.35-1 | 6.12.35-1 |
| linux | linux_kernel | >= 0 < 5.15.0-156.166 | 5.15.0-156.166 |
| linux | linux_kernel | >= 0 < 6.8.0-100.100 | 6.8.0-100.100 |
| linux | linux_kernel | >= 4.19.57 < 4.20 | 4.20 |
| linux | linux_kernel | >= 5.1.16 < 5.2 | 5.2 |
CVSS provenance
nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
osv5.5MEDIUM