GHSA-JGP9-RWC2-M645

Vulnerability from github – Published: 2025-08-16 12:30 – Updated: 2025-11-03 18:31
VLAI?
Details

In the Linux kernel, the following vulnerability has been resolved:

tracing: Add down_write(trace_event_sem) when adding trace event

When a module is loaded, it adds trace events defined by the module. It may also need to modify the modules trace printk formats to replace enum names with their values.

If two modules are loaded at the same time, the adding of the event to the ftrace_events list can corrupt the walking of the list in the code that is modifying the printk format strings and crash the kernel.

The addition of the event should take the trace_event_sem for write while it adds the new event.

Also add a lockdep_assert_held() on that semaphore in __trace_add_event_dirs() as it iterates the list.

Show details on source website
To clipboard 

{
  "affected": [],
  "aliases": [
    "CVE-2025-38539"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-08-16T12:15:29Z",
    "severity": null
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Add down_write(trace_event_sem) when adding trace event\n\nWhen a module is loaded, it adds trace events defined by the module. It\nmay also need to modify the modules trace printk formats to replace enum\nnames with their values.\n\nIf two modules are loaded at the same time, the adding of the event to the\nftrace_events list can corrupt the walking of the list in the code that is\nmodifying the printk format strings and crash the kernel.\n\nThe addition of the event should take the trace_event_sem for write while\nit adds the new event.\n\nAlso add a lockdep_assert_held() on that semaphore in\n__trace_add_event_dirs() as it iterates the list.",
  "id": "GHSA-jgp9-rwc2-m645",
  "modified": "2025-11-03T18:31:33Z",
  "published": "2025-08-16T12:30:33Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-38539"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/33e20747b47ddc03569b6bc27a2d6894c1428182"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/6bc94f20a4c304997288f9a45278c9d0c06987d3"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/70fecd519caad0c1741c3379d5348c9000a5b29d"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/7803b28c9aa8d8bd4e19ebcf5f0db9612b0f333b"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/b5e8acc14dcb314a9b61ff19dcd9fdd0d88f70df"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ca60064ea03f14e06c763de018403cb56ba3207d"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/db45632479ceecb669612ed8dbce927e3c6279fc"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/e70f5ee4c8824736332351b703c46f9469ed7f6c"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.