CVE-2025-37845

tracing: fprobe events: Fix possible UAF on modules

Description

In the Linux kernel, the following vulnerability has been resolved: tracing: fprobe events: Fix possible UAF on modules Commit ac91052f0ae5 ("tracing: tprobe-events: Fix leakage of module refcount") moved try_module_get() from __find_tracepoint_module_cb() to find_tracepoint() caller, but that introduced a possible UAF because the module can be unloaded before try_module_get(). In this case, the module object should be freed too. Thus, try_module_get() does not only fail but may access to the freed object. To avoid that, try_module_get() in __find_tracepoint_module_cb() again.

N/A
CVSS
Severity:
EPSS 0.02%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/868df4eb784c3ccc7e4340a9ea993cbbedca167e
https://git.kernel.org/stable/c/a27d2de2472b1cc7d582ab405d1d5832a80481de
https://git.kernel.org/stable/c/626f01f4d26e8cf92e69c1df53036153c8e98a20
https://git.kernel.org/stable/c/dd941507a9486252d6fcf11814387666792020f3

Frequently Asked Questions

What is the severity of CVE-2025-37845?
CVE-2025-37845 has not yet been assigned a CVSS score.
How to fix CVE-2025-37845?
To fix CVE-2025-37845, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2025-37845 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2025-37845 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2025-37845?
CVE-2025-37845 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.