5.5

CVE-2025-38202

bpf: Check rcu_read_lock_trace_held() in bpf_map_lookup_percpu_elem()

In the Linux kernel, the following vulnerability has been resolved:

bpf: Check rcu_read_lock_trace_held() in bpf_map_lookup_percpu_elem()

bpf_map_lookup_percpu_elem() helper is also available for sleepable bpf
program. When BPF JIT is disabled or under 32-bit host,
bpf_map_lookup_percpu_elem() will not be inlined. Using it in a
sleepable bpf program will trigger the warning in
bpf_map_lookup_percpu_elem(), because the bpf program only holds
rcu_read_lock_trace lock. Therefore, add the missed check.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.19 < 6.1.142
LinuxLinux Kernel Version >= 6.2 < 6.6.95
LinuxLinux Kernel Version >= 6.7 < 6.12.35
LinuxLinux Kernel Version >= 6.13 < 6.15.4
DebianDebian Linux Version11.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.15% 0.043
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://git.kernel.org/stable/c/2f8c69a72e8ad87b36b8052f789da3cc2b2e186c
Patch
https://git.kernel.org/stable/c/7bf4461f1c97207fda757014690d55a447ce859f
Patch
https://git.kernel.org/stable/c/2d834477bbc1e8b8a59ff8b0c081529d6bed7b22
Patch
https://git.kernel.org/stable/c/b522d4d334f206284b1a44b0b0b2f99fd443b39b
Patch
https://git.kernel.org/stable/c/d4965578267e2e81f67c86e2608481e77e9c8569
Patch
https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
Third Party Advisory
Mailing List