-

CVE-2025-38723

EPSS 0.04%
Veröffentlicht 04.09.2025 15:33:16
Zuletzt bearbeitet 05.09.2025 17:47:24
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
Teams Watchlist Login
Unerledigt Login

In the Linux kernel, the following vulnerability has been resolved:

LoongArch: BPF: Fix jump offset calculation in tailcall

The extra pass of bpf_int_jit_compile() skips JIT context initialization
which essentially skips offset calculation leaving out_offset = -1, so
the jmp_offset in emit_bpf_tail_call is calculated by

"#define jmp_offset (out_offset - (cur_offset))"

is a negative number, which is wrong. The final generated assembly are
as follow.

54:	bgeu        	$a2, $t1, -8	    # 0x0000004c
58:	addi.d      	$a6, $s5, -1
5c:	bltz        	$a6, -16	    # 0x0000004c
60:	alsl.d      	$t2, $a2, $a1, 0x3
64:	ld.d        	$t2, $t2, 264
68:	beq         	$t2, $zero, -28	    # 0x0000004c

Before apply this patch, the follow test case will reveal soft lock issues.

cd tools/testing/selftests/bpf/
./test_progs --allow=tailcalls/tailcall_bpf2bpf_1

dmesg:
watchdog: BUG: soft lockup - CPU#2 stuck for 26s! [test_progs:25056]

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 9

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 1a782fa32e644aa9fbae6c8488f3e61221ac96e1

Version 5dc615520c4dfb358245680f1904bad61116648e

Status affected

Version < 17c010fe45def335fe03a0718935416b04c7f349

Version 5dc615520c4dfb358245680f1904bad61116648e

Status affected

Version < f83d469e16bb1f75991ca67c56786fb2aaa42bea

Version 5dc615520c4dfb358245680f1904bad61116648e

Status affected

Version < f2b5e50cc04d7a049b385bc1c93b9cbf5f10c94f

Version 5dc615520c4dfb358245680f1904bad61116648e

Status affected

Version < 9262e3e04621558e875eb5afb5e726b648cd5949

Version 5dc615520c4dfb358245680f1904bad61116648e

Status affected

Version < cd39d9e6b7e4c58fa77783e7aedf7ada51d02ea3

Version 5dc615520c4dfb358245680f1904bad61116648e

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 6.1

Status affected

Version < 6.1

Version 0

Status unaffected

Version <= 6.1.*

Version 6.1.149

Status unaffected

Version <= 6.6.*

Version 6.6.103

Status unaffected

Version <= 6.12.*

Version 6.12.43

Status unaffected

Version <= 6.15.*

Version 6.15.11

Status unaffected

Version <= 6.16.*

Version 6.16.2

Status unaffected

Version <= *

Version 6.17-rc1

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.092

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/1a782fa32e644aa9fbae6c8488f3e61221ac96e1

https://git.kernel.org/stable/c/17c010fe45def335fe03a0718935416b04c7f349

https://git.kernel.org/stable/c/f83d469e16bb1f75991ca67c56786fb2aaa42bea

https://git.kernel.org/stable/c/f2b5e50cc04d7a049b385bc1c93b9cbf5f10c94f

https://git.kernel.org/stable/c/9262e3e04621558e875eb5afb5e726b648cd5949

https://git.kernel.org/stable/c/cd39d9e6b7e4c58fa77783e7aedf7ada51d02ea3

https://nvd.nist.gov/vuln/detail/CVE-2025-38723

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-38723

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-38723

EUVD