Home

Description

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix deadlock between rcu_tasks_trace and event_mutex. Fix the following deadlock: CPU A _free_event() perf_kprobe_destroy() mutex_lock(&event_mutex) perf_trace_event_unreg() synchronize_rcu_tasks_trace() There are several paths where _free_event() grabs event_mutex and calls sync_rcu_tasks_trace. Above is one such case. CPU B bpf_prog_test_run_syscall() rcu_read_lock_trace() bpf_prog_run_pin_on_cpu() bpf_prog_load() bpf_tracing_func_proto() trace_set_clr_event() mutex_lock(&event_mutex) Delegate trace_set_clr_event() to workqueue to avoid such lock dependency.

PUBLISHED Reserved 2025-04-16 | Published 2025-05-09 | Updated 2026-01-02 | Assigner Linux

Product status

Default status
unaffected

a363d27cdbc2bc2d1899b5a1520b64e3590fcd9a (git) before 45286680b385f2592db3003554872388dee66d68
affected

a363d27cdbc2bc2d1899b5a1520b64e3590fcd9a (git) before 4580f4e0ebdf8dc8d506ae926b88510395a0c1d1
affected

Default status
affected

6.13
affected

Any version before 6.13
unaffected

6.14.5 (semver)
unaffected

6.15 (original_commit_for_fix)
unaffected

References

lists.debian.org/debian-lts-announce/2025/05/msg00045.html

git.kernel.org/...c/45286680b385f2592db3003554872388dee66d68

git.kernel.org/...c/4580f4e0ebdf8dc8d506ae926b88510395a0c1d1

cve.org (CVE-2025-37884)

nvd.nist.gov (CVE-2025-37884)

Download JSON