Description

In the Linux kernel, the following vulnerability has been resolved: bpf, arm64: Fix fp initialization for exception boundary In the ARM64 BPF JIT when prog->aux->exception_boundary is set for a BPF program, find_used_callee_regs() is not called because for a program acting as exception boundary, all callee saved registers are saved. find_used_callee_regs() sets `ctx->fp_used = true;` when it sees FP being used in any of the instructions. For programs acting as exception boundary, ctx->fp_used remains false even if frame pointer is used by the program and therefore, FP is not set-up for such programs in the prologue. This can cause the kernel to crash due to a pagefault. Fix it by setting ctx->fp_used = true for exception boundary programs as fp is always saved in such programs.

INFO

Published Date :

2025-08-19T17:03:08.012Z

Last Modified :

2025-08-19T17:03:08.012Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2025-38586 vulnerability.

No data.

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-38586.

URL Resource
https://git.kernel.org/stable/c/0dbef493cae7d451f740558665893c000adb2321 cve-icon cve-icon
https://git.kernel.org/stable/c/1ce30231e0a2c8c361ee5f8f7f265fc17130adce cve-icon cve-icon
https://git.kernel.org/stable/c/b114fcee766d5101eada1aca7bb5fd0a86c89b35 cve-icon cve-icon
https://git.kernel.org/stable/c/e23184725dbb72d5d02940222eee36dbba2aa422 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025081915-CVE-2025-38586-789b@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-38586 cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-38586 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact