CVE-2025-37884

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix deadlock between rcu_tasks_trace and event_mutex. Fix the following deadlock: CPU A _free_event() perf_kprobe_destroy() mutex_lock(&event_mutex) perf_trace_event_unreg() synchronize_rcu_tasks_trace() There are several paths where _free_event() grabs event_mutex and calls sync_rcu_tasks_trace. Above is one such case. CPU B bpf_prog_test_run_syscall() rcu_read_lock_trace() bpf_prog_run_pin_on_cpu() bpf_prog_load() bpf_tracing_func_proto() trace_set_clr_event() mutex_lock(&event_mutex) Delegate trace_set_clr_event() to workqueue to avoid such lock dependency.

CVSS

No CVSS.

References

Link	Resource
https://git.kernel.org/stable/c/255cbc9db7067a83713fd2f4b31034ddd266549a
https://git.kernel.org/stable/c/45286680b385f2592db3003554872388dee66d68
https://git.kernel.org/stable/c/4580f4e0ebdf8dc8d506ae926b88510395a0c1d1
https://git.kernel.org/stable/c/b5a528a34e1f613565115a7a6016862ccbfcb9ac
https://git.kernel.org/stable/c/c5c833f6375f8ecf9254dd27946c927c7d645421
https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html

Configurations

No configuration.

History

03 Nov 2025, 20:18

Type	Values Removed	Values Added
References		() https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html -

12 May 2025, 17:32

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-05-09 07:16

Updated : 2025-11-03 20:18

NVD link : CVE-2025-37884

Mitre link : CVE-2025-37884

CVE.ORG link : CVE-2025-37884

JSON object : View

Products Affected

No product.

CWE

No CWE.

{"id": "CVE-2025-37884", "cveTags": [], "metrics": {}, "published": "2025-05-09T07:16:09.727", "references": [{"url": "https://git.kernel.org/stable/c/255cbc9db7067a83713fd2f4b31034ddd266549a", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/45286680b385f2592db3003554872388dee66d68", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/4580f4e0ebdf8dc8d506ae926b88510395a0c1d1", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/b5a528a34e1f613565115a7a6016862ccbfcb9ac", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/c5c833f6375f8ecf9254dd27946c927c7d645421", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Awaiting Analysis", "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix deadlock between rcu_tasks_trace and event_mutex.\n\nFix the following deadlock:\nCPU A\n_free_event()\n perf_kprobe_destroy()\n mutex_lock(&event_mutex)\n perf_trace_event_unreg()\n synchronize_rcu_tasks_trace()\n\nThere are several paths where _free_event() grabs event_mutex\nand calls sync_rcu_tasks_trace. Above is one such case.\n\nCPU B\nbpf_prog_test_run_syscall()\n rcu_read_lock_trace()\n bpf_prog_run_pin_on_cpu()\n bpf_prog_load()\n bpf_tracing_func_proto()\n trace_set_clr_event()\n mutex_lock(&event_mutex)\n\nDelegate trace_set_clr_event() to workqueue to avoid\nsuch lock dependency."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: bpf: Se corrige el bloqueo entre rcu_tasks_trace y event_mutex. Se corrige el siguiente bloqueo: CPU A _free_event() perf_kprobe_destroy() mutex_lock(&event_mutex) perf_trace_event_unreg() synchronize_rcu_tasks_trace() There are several paths where _free_event() grabs event_mutex and calls sync_rcu_tasks_trace. Above is one such case. CPU B bpf_prog_test_run_syscall() rcu_read_lock_trace() bpf_prog_run_pin_on_cpu() bpf_prog_load() bpf_tracing_func_proto() trace_set_clr_event() mutex_lock(&event_mutex) Delegue trace_set_clr_event() a workqueue para evitar dicha dependencia de bloqueo."}], "lastModified": "2025-11-03T20:18:39.940", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}