CVE-2025-38607 in Linuxinformazioni

Riassunto

di MITRE • 19/08/2025

In the Linux kernel, the following vulnerability has been resolved:

bpf: handle jset (if a & b ...) as a jump in CFG computation

BPF_JSET is a conditional jump and currently verifier.c:can_jump() does not know about that. This can lead to incorrect live registers and SCC computation.

E.g. in the following example:

1: r0 = 1; 2: r2 = 2; 3: if r1 & 0x7 goto +1; 4: exit; 5: r0 = r2; 6: exit;

W/o this fix insn_successors(3) will return only (4), a jump to (5) would be missed and r2 won't be marked as alive at (3).

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Responsabile

Linux

Prenotare

16/04/2025

Divulgazione

19/08/2025

Moderazione

accettato

CPE

pronto

EPSS

0.00134

KEV

no

Attività

molto basso

Fonti

Interested in the pricing of exploits?

See the underground prices here!