Wind River Support Network

HomeDefectsLIN1023-12978
Acknowledged

LIN1023-12978 : Security Advisory - linux - CVE-2025-37884

Created: May 13, 2025    Updated: May 14, 2025
Found In Version: 10.23.30.1
Severity: Standard
Applicable for: Wind River Linux LTS 23
Component/s: Kernel

Description

'In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix deadlock between rcu_tasks_trace and event_mutex.\n\nFix the following deadlock:\nCPU A\n_free_event()\n  perf_kprobe_destroy()\n    mutex_lock(&event_mutex)\n      perf_trace_event_unreg()\n        synchronize_rcu_tasks_trace()\n\nThere are several paths where _free_event() grabs event_mutex\nand calls sync_rcu_tasks_trace. Above is one such case.\n\nCPU B\nbpf_prog_test_run_syscall()\n  rcu_read_lock_trace()\n    bpf_prog_run_pin_on_cpu()\n      bpf_prog_load()\n        bpf_tracing_func_proto()\n          trace_set_clr_event()\n            mutex_lock(&event_mutex)\n\nDelegate trace_set_clr_event() to workqueue to avoid\nsuch lock dependency.\n']
CREATE(Triage):(User=myu2) [CVE-2025-37884 (https://nvd.nist.gov/vuln/detail/CVE-2025-37884)
Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube