logo_clicknbuy.png

CVE-2025-38607 – Linux Kernel BPF Conditional Jump Vulnerability

The following table lists the changes that have been made to the
CVE-2025-38607 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution
of a vulnerability, and for identifying the most recent changes that may
impact the vulnerability’s severity, exploitability, or other characteristics.

  • New CVE Received
    by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

    Aug. 19, 2025

    Action Type Old Value New Value
    Added Description In the Linux kernel, the following vulnerability has been resolved:

    bpf: handle jset (if a & b …) as a jump in CFG computation

    BPF_JSET is a conditional jump and currently verifier.c:can_jump()
    does not know about that. This can lead to incorrect live registers
    and SCC computation.

    E.g. in the following example:

    1: r0 = 1;
    2: r2 = 2;
    3: if r1 & 0x7 goto +1;
    4: exit;
    5: r0 = r2;
    6: exit;

    W/o this fix insn_successors(3) will return only (4), a jump to (5)
    would be missed and r2 won’t be marked as alive at (3).
    Added Reference https://git.kernel.org/stable/c/261b30ad1516f4b9edd500aa6e8d6315c8fc109a
    Added Reference https://git.kernel.org/stable/c/3157f7e2999616ac91f4d559a8566214f74000a5
    Added Reference https://git.kernel.org/stable/c/65eb166b8636365ad3d6e36d50a7c5edfe6cc66e
Share the Post:

Related Posts