CVE-2025-22046 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: uprobes/x86: Harden uretprobe syscall trampoline check Jann reported a possible issue when trampoline_check_ip returns address near the bottom of the address space that is allowed to call into the syscall if uretprobes are not set up: https://lore.kernel.org/bpf/202502081235.5A6F352985@keescook/T/#m9d416df341b8fbc11737dacbcd29f0054413cbbf Though the mmap minimum address restrictions will typically prevent creating mappings there, let's make sure uretprobe syscall checks for that.

PUBLISHED Reserved 2024-12-29 | Published 2025-04-16 | Updated 2026-05-11 | Assigner Linux

Product status

Default status

unaffected

ff474a78cef5cb5f32be52fe25b78441327a2e7c (git) before c35771342e47d58ab9433f3be1c3c30f2c5fa4f3

affected

ff474a78cef5cb5f32be52fe25b78441327a2e7c (git) before b0065d712049c87e1994c6eac00c6a637e39b325

affected

ff474a78cef5cb5f32be52fe25b78441327a2e7c (git) before d4e48b8d59fe162938a5004ace698c847e6a3207

affected

ff474a78cef5cb5f32be52fe25b78441327a2e7c (git) before fa6192adc32f4fdfe5b74edd5b210e12afd6ecc0

affected

Default status

affected

6.11

affected

Any version before 6.11

unaffected

6.12.23 (semver)

unaffected

6.13.11 (semver)

unaffected

6.14.2 (semver)

unaffected

6.15 (original_commit_for_fix)

unaffected

References

git.kernel.org/...c/c35771342e47d58ab9433f3be1c3c30f2c5fa4f3

git.kernel.org/...c/b0065d712049c87e1994c6eac00c6a637e39b325

git.kernel.org/...c/d4e48b8d59fe162938a5004ace698c847e6a3207

git.kernel.org/...c/fa6192adc32f4fdfe5b74edd5b210e12afd6ecc0

cve.org (CVE-2025-22046)

nvd.nist.gov (CVE-2025-22046)

Download JSON

help @ threatint.eu