Linux Kernel Deadlock Vulnerability in BPF Event Mutex
CVE-2025-37884

Currently unrated

Key Information:

Vendor: Linux

Status
Vendor
CVE Published: 9 May 2025

What is CVE-2025-37884?

A critical deadlock vulnerability has been identified in the Linux kernel's BPF subsystem, where improper handling of event_mutex can lead to system hangs. Specifically, the _free_event() function can hold event_mutex while invoking synchronize_rcu_tasks_trace(), creating a potential deadlock. The vulnerability manifests when threads on multiple CPUs interact with tracing events, particularly during performance-related operations. The fix delegates trace_set_clr_event() to a workqueue, which avoids the lock dependency.
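The lock dependency described above, modelled in user space as a wait-for graph (an added example, not kernel code and not the upstream patch). The task and resource names are hypothetical labels, and the second task being inside a tasks-trace RCU read-side section when it reaches trace_set_clr_event() is an assumption of the model.

```c
#include <stdio.h>
#include <string.h>

/* Model only: names below are illustrative labels, not kernel symbols. */
enum { EVENT_MUTEX, RCU_TRACE_GP, NRES };   /* things a task can wait for */
enum { FREE_EVENT, BPF_CALLER, WORKER, NTASK };

struct model {
    int blocker[NRES];   /* task that must progress to release it, -1 = free */
    int waits_on[NTASK]; /* resource the task is blocked on, -1 = runnable */
};

/* Walk task -> awaited resource -> blocking task; returning to start = deadlock. */
static int has_deadlock(const struct model *m)
{
    for (int start = 0; start < NTASK; start++) {
        int t = start;
        for (int hops = 0; hops < NTASK; hops++) {
            int r = m->waits_on[t];
            if (r < 0 || m->blocker[r] < 0)
                break;
            t = m->blocker[r];
            if (t == start)
                return 1;
        }
    }
    return 0;
}

/* deferred = 0: trace_set_clr_event() runs inline; 1: handed to a workqueue. */
static struct model build(int deferred)
{
    struct model m;
    memset(&m, -1, sizeof m);              /* every int becomes -1 */
    m.blocker[EVENT_MUTEX] = FREE_EVENT;   /* _free_event() path holds the mutex */
    m.waits_on[FREE_EVENT] = RCU_TRACE_GP; /* ...and waits for the grace period */
    /* Assumption: the caller sits in a tasks-trace RCU read-side section,
     * so the grace period cannot end until it leaves that section. */
    m.blocker[RCU_TRACE_GP] = BPF_CALLER;
    m.waits_on[deferred ? WORKER : BPF_CALLER] = EVENT_MUTEX;
    return m;
}

int main(void)
{
    struct model before = build(0), after = build(1);
    printf("inline:   deadlock=%d\n", has_deadlock(&before));
    printf("deferred: deadlock=%d\n", has_deadlock(&after));
    return 0;
}
```

In the deferred case the worker still blocks on event_mutex, but the caller is no longer waiting inside its read-side section, so the grace period can complete and the chain unwinds.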

Affected Version(s)

Linux a363d27cdbc2bc2d1899b5a1520b64e3590fcd9a < 45286680b385f2592db3003554872388dee66d68

Linux a363d27cdbc2bc2d1899b5a1520b64e3590fcd9a < 4580f4e0ebdf8dc8d506ae926b88510395a0c1d1

Linux 6.13

Timeline

  • Vulnerability published

  • Vulnerability Reserved
