CVE-2025-38489

Published: Jul 28, 2025

Modified: May 23, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: s390/bpf: Fix bpf_arch_text_poke() with new_addr == NULL again Commit 7ded842b356d ("s390/bpf: Fix bpf_plt pointer arithmetic") has accidentally removed the critical piece of commit c730fce7c70c ("s390/bpf: Fix bpf_arch_text_poke() with new_addr == NULL"), causing intermittent kernel panics in e.g. perf's on_switch() prog to reappear. Restore the fix and add a comment.

Vendor	Product	Versions
Linux	Linux	affected `c3062bdb859b6e2567e7f5c8cde20c0250bb130f - < 0c7b20f7785cfdd59403333612c90b458b12307c` affected `7ded842b356d151ece8ac4985940438e6d3998bb - < d5629d1af0600f8cc7c9245e8d832a66358ef889` affected `7ded842b356d151ece8ac4985940438e6d3998bb - < a4f9c7846b1ac428921ce9676b1b8c80ed60093c` affected `7ded842b356d151ece8ac4985940438e6d3998bb - < 6a5abf8cf182f577c7ae6c62f14debc9754ec986` affected `d3d74e45a060d218fe4b0c9174f0a77517509d8e` +2 more versions
Linux	Linux	affected `6.9` unaffected `0 - < 6.9` unaffected `6.6.100 - <= 6.6.` unaffected `6.12.40 - <= 6.12.` unaffected `6.15.8 - <= 6.15.*` +1 more versions

References

https://git.kernel.org/stable/c/0c7b20f7785cfdd59403333612c90b458b12307c

https://git.kernel.org/stable/c/d5629d1af0600f8cc7c9245e8d832a66358ef889

https://git.kernel.org/stable/c/a4f9c7846b1ac428921ce9676b1b8c80ed60093c

https://git.kernel.org/stable/c/6a5abf8cf182f577c7ae6c62f14debc9754ec986

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-38489

Description

Affected Products

References