CVE-2025-37884 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix deadlock between rcu_tasks_trace and event_mutex. Fix the following deadlock: CPU A _free_event() perf_kprobe_destroy() mutex_lock(&event_mutex) perf_trace_event_unreg() synchronize_rcu_tasks_trace() There are several paths where _free_event() grabs event_mutex and calls sync_rcu_tasks_trace. Above is one such case. CPU B bpf_prog_test_run_syscall() rcu_read_lock_trace() bpf_prog_run_pin_on_cpu() bpf_prog_load() bpf_tracing_func_proto() trace_set_clr_event() mutex_lock(&event_mutex) Delegate trace_set_clr_event() to workqueue to avoid such lock dependency.

PUBLISHED Reserved 2025-04-16 | Published 2025-05-09 | Updated 2025-05-26 | Assigner Linux

Product status

Default status

unaffected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 255cbc9db7067a83713fd2f4b31034ddd266549a

affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before b5a528a34e1f613565115a7a6016862ccbfcb9ac

affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before c5c833f6375f8ecf9254dd27946c927c7d645421

affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 45286680b385f2592db3003554872388dee66d68

affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 4580f4e0ebdf8dc8d506ae926b88510395a0c1d1

affected

Default status

affected

6.1.136

unaffected

6.6.89

unaffected

6.12.26

unaffected

6.14.5

unaffected

6.15

unaffected

References

git.kernel.org/...c/255cbc9db7067a83713fd2f4b31034ddd266549a

git.kernel.org/...c/b5a528a34e1f613565115a7a6016862ccbfcb9ac

git.kernel.org/...c/c5c833f6375f8ecf9254dd27946c927c7d645421

git.kernel.org/...c/45286680b385f2592db3003554872388dee66d68

git.kernel.org/...c/4580f4e0ebdf8dc8d506ae926b88510395a0c1d1

cve.org (CVE-2025-37884)

nvd.nist.gov (CVE-2025-37884)

Download JSON