CVE-2025-38607

Published: Aug 19, 2025

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: bpf: handle jset (if a & b ...) as a jump in CFG computation BPF_JSET is a conditional jump and currently verifier.c:can_jump() does not know about that. This can lead to incorrect live registers and SCC computation. E.g. in the following example: 1: r0 = 1; 2: r2 = 2; 3: if r1 & 0x7 goto +1; 4: exit; 5: r0 = r2; 6: exit; W/o this fix insn_successors(3) will return only (4), a jump to (5) would be missed and r2 won't be marked as alive at (3).

Vendor	Product	Versions
Linux	Linux	affected `14c8552db64476ffc27c13dc6652fc0dac31c0ba - < 65eb166b8636365ad3d6e36d50a7c5edfe6cc66e` affected `14c8552db64476ffc27c13dc6652fc0dac31c0ba - < 261b30ad1516f4b9edd500aa6e8d6315c8fc109a` affected `14c8552db64476ffc27c13dc6652fc0dac31c0ba - < 3157f7e2999616ac91f4d559a8566214f74000a5`
Linux	Linux	affected `6.15` unaffected `0 - < 6.15` unaffected `6.15.10 - <= 6.15.` unaffected `6.16.1 - <= 6.16.` unaffected `6.17 - <= *`

References

https://git.kernel.org/stable/c/65eb166b8636365ad3d6e36d50a7c5edfe6cc66e

https://git.kernel.org/stable/c/261b30ad1516f4b9edd500aa6e8d6315c8fc109a

https://git.kernel.org/stable/c/3157f7e2999616ac91f4d559a8566214f74000a5

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-38607

Description

Affected Products

References