Linux Kernel Vulnerability in BPF Map Lookup Functionality
CVE-2025-38202

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 4 July 2025

What is CVE-2025-38202?

A vulnerability exists in the Linux kernel's BPF (Berkeley Packet Filter) mechanism concerning the bpf_map_lookup_percpu_elem() function. This issue arises when the BPF JIT (Just-In-Time compilation) is disabled or is executed on a 32-bit host. Specifically, using this helper in sleepable BPF programs can trigger warnings due to insufficient checks for the rcu_read_lock_trace_held() condition. This can potentially lead to unexpected behavior or security concerns in systems employing this BPF functionality.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 2f8c69a72e8ad87b36b8052f789da3cc2b2e186c

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 7bf4461f1c97207fda757014690d55a447ce859f

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 2d834477bbc1e8b8a59ff8b0c081529d6bed7b22

References

https://git.kernel.org/stable/c/2f8c69a72e8ad87b36b8052f7...

https://git.kernel.org/stable/c/7bf4461f1c97207fda7570146...

https://git.kernel.org/stable/c/2d834477bbc1e8b8a59ff8b0c...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 4, 2025
Vulnerability Reserved
Apr 16, 2025