-
CVE-2025-38607
- EPSS 0.02%
- Published 19.08.2025 17:15:39
- Last modified 20.08.2025 14:40:17
- Source 416baaa9-dc9f-4396-8d5f-8c081f
- Teams watchlist Login
- Open Login
In the Linux kernel, the following vulnerability has been resolved: bpf: handle jset (if a & b ...) as a jump in CFG computation BPF_JSET is a conditional jump and currently verifier.c:can_jump() does not know about that. This can lead to incorrect live registers and SCC computation. E.g. in the following example: 1: r0 = 1; 2: r2 = 2; 3: if r1 & 0x7 goto +1; 4: exit; 5: r0 = r2; 6: exit; W/o this fix insn_successors(3) will return only (4), a jump to (5) would be missed and r2 won't be marked as alive at (3).
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
This information is available to logged-in users. Login
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
VendorLinux
≫
Product
Linux
Default Statusunaffected
Version <
65eb166b8636365ad3d6e36d50a7c5edfe6cc66e
Version
14c8552db64476ffc27c13dc6652fc0dac31c0ba
Status
affected
Version <
261b30ad1516f4b9edd500aa6e8d6315c8fc109a
Version
14c8552db64476ffc27c13dc6652fc0dac31c0ba
Status
affected
Version <
3157f7e2999616ac91f4d559a8566214f74000a5
Version
14c8552db64476ffc27c13dc6652fc0dac31c0ba
Status
affected
VendorLinux
≫
Product
Linux
Default Statusaffected
Version
6.15
Status
affected
Version <
6.15
Version
0
Status
unaffected
Version <=
6.15.*
Version
6.15.10
Status
unaffected
Version <=
6.16.*
Version
6.16.1
Status
unaffected
Version <=
*
Version
6.17-rc1
Status
unaffected
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.02% | 0.049 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|