Linux Kernel Vulnerability in Event Context Management
CVE-2025-37878
Summary
A vulnerability exists in the Linux kernel related to performance monitoring events, specifically in the handling of event context initialization. Improper assignment of the child event context prior to its validation can result in unexpected behavior during cleanup operations. This issue arose from a complex interaction of multiple code changes over many years. The solution involves adjusting the sequence of context assignment to ensure that it is performed immediately after the event's initial validation, preventing the potential triggering of warnings related to the event context's state when accessed later in the code.
Affected Version(s)
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 1fe9b92eede32574dbe05b5bdb6ad666b350bed0
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 90dc6c1e3b200812da8d0aa030e1b7fda8226d0e
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
References
Timeline
Vulnerability published
Vulnerability Reserved