CVE-2025-38339
BaseFortify
Publication date: 2025-07-10
Last updated on: 2025-11-18
Assigner: kernel.org
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-NVD-CWE-noinfo | |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is related to the Linux kernel's powerpc architecture BPF (Berkeley Packet Filter) JIT (Just-In-Time) compilation process. Specifically, the function arch_bpf_trampoline_size() calculates the size of the JIT code for a BPF trampoline before allocating the buffer. However, the actual number of instructions emitted during JIT compilation can vary depending on the final image location, causing the initially calculated size to be smaller than needed. This mismatch can trigger a warning and potentially lead to issues with buffer overflow or incorrect memory handling during trampoline generation. The fix involves accounting for the maximum possible instructions during the dummy pass to ensure the buffer size is sufficient regardless of image location dependencies.
How can this vulnerability impact me?
This vulnerability can impact system stability and security by causing buffer overflows or memory corruption during the JIT compilation of BPF trampolines on powerpc architectures. Such issues may lead to kernel warnings, crashes, or potentially exploitable conditions that could be leveraged to execute arbitrary code or cause denial of service. Therefore, it affects the reliability and security of systems running vulnerable Linux kernel versions on powerpc platforms.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring the system logs for the specific warning message produced by the issue:

"WARNING: CPU: <cpu> PID: <pid> at arch/powerpc/net/bpf_jit_comp.c:981 __arch_prepare_bpf_trampoline.isra.0+0xd2c/0xdcc"

You can use either of the following commands to search for this warning in the kernel logs:

```
sudo dmesg | grep 'arch/powerpc/net/bpf_jit_comp.c:981'
sudo journalctl -k | grep 'arch/powerpc/net/bpf_jit_comp.c:981'
```

This will help identify if the problematic JIT trampoline code size calculation warning has occurred on your system.
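An added example (not part of the original page): a POSIX shell function that scans kernel log text for this warning by source file and function name rather than by the exact line number, because the `:981` in the message depends on the kernel source version. The sample log lines, the function name `find_trampoline_warnings` and the `--live` switch are constructed for illustration.

```shell
#!/bin/sh
# Added example: find the powerpc BPF trampoline size warning in kernel log text.
# Matches on source file and function name; the line number (:981 on the page)
# depends on the kernel source version, so it is captured, not matched.

# Constructed sample input. Line 1 follows the warning quoted on the page;
# the remaining lines are made up to exercise the matcher.
SAMPLE_LOG='[  101.000001] WARNING: CPU: 3 PID: 2741 at arch/powerpc/net/bpf_jit_comp.c:981 __arch_prepare_bpf_trampoline.isra.0+0xd2c/0xdcc
[  101.000002] Modules linked in: (constructed sample)
[  240.500000] WARNING: CPU: 0 PID: 88 at arch/powerpc/net/bpf_jit_comp.c:1012 __arch_prepare_bpf_trampoline+0xabc/0xdef
[  300.000000] WARNING: CPU: 1 PID: 5 at kernel/sched/core.c:100 some_other_function+0x10/0x20'

# Reads log lines on stdin and prints "cpu=<n> pid=<n> line=<n>" per hit.
# Exit status is 0 if at least one hit was found, 1 if none.
find_trampoline_warnings() {
    awk '
        /WARNING: CPU: [0-9]+ PID: [0-9]+ at arch\/powerpc\/net\/bpf_jit_comp\.c:[0-9]+ __arch_prepare_bpf_trampoline/ {
            cpu = "?"; pid = "?"; line = "?"
            for (i = 1; i <= NF; i++) {
                if ($i == "CPU:") cpu = $(i + 1)
                if ($i == "PID:") pid = $(i + 1)
                if ($i ~ /^arch\/powerpc\/net\/bpf_jit_comp\.c:[0-9]+$/) {
                    split($i, parts, ":")
                    line = parts[2]
                }
            }
            printf "cpu=%s pid=%s line=%s\n", cpu, pid, line
            hits++
        }
        END { exit (hits > 0 ? 0 : 1) }
    '
}

# Hypothetical switch: "--live" scans this host's kernel ring buffer (run as root).
if [ "${1:-}" = "--live" ]; then
    case "$(uname -m)" in
        ppc*) dmesg | find_trampoline_warnings || echo "no trampoline size warning logged" ;;
        *)    echo "not a powerpc host; this issue is in the powerpc BPF JIT" ;;
    esac
fi
```

To try it offline, pipe the sample through the function: `printf '%s\n' "$SAMPLE_LOG" | find_trampoline_warnings`.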
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation involves updating the Linux kernel to a version where the vulnerability has been fixed. The fix corrects the JIT code size calculation for the BPF trampoline in the powerpc architecture. Until the update is applied, monitoring for the warning message can help identify if the issue is occurring. There are no other specific mitigations or workarounds detailed.