CVE-2025-37893

LoongArch: BPF: Fix off-by-one error in build_prologue()

Description

In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: Fix off-by-one error in build_prologue() Vincent reported that running BPF progs with tailcalls on LoongArch causes kernel hard lockup. Debugging the issues shows that the JITed image missing a jirl instruction at the end of the epilogue. There are two passes in JIT compiling, the first pass set the flags and the second pass generates JIT code based on those flags. With BPF progs mixing bpf2bpf and tailcalls, build_prologue() generates N insns in the first pass and then generates N+1 insns in the second pass. This makes epilogue_offset off by one and we will jump to some unexpected insn and cause lockup. Fix this by inserting a nop insn.

Category

5.5
CVSS
Severity: Medium
CVSS 3.1 •
EPSS 0.02%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/b3ffad2f02db4aace6799fe0049508b8925eae45 patch
https://git.kernel.org/stable/c/205a2182c51ffebaef54d643e3745e720cded08b patch
https://git.kernel.org/stable/c/c74d95a5679741ef428974ab788f5b0758dc78ae patch
https://git.kernel.org/stable/c/48b904de2408af5f936f0e03f48dfcddeab58aa0 patch
https://git.kernel.org/stable/c/7e2586991e36663c9bc48c828b83eab180ad30a9 patch

Frequently Asked Questions

What is the severity of CVE-2025-37893?
CVE-2025-37893 has been scored as a medium severity vulnerability.
How to fix CVE-2025-37893?
To fix CVE-2025-37893, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2025-37893 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2025-37893 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2025-37893?
CVE-2025-37893 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.