CVE-2025-38012

Published: Jun 18, 2025Modified: Nov 17, 2025

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

In the Linux kernel, the following vulnerability has been resolved: sched_ext: bpf_iter_scx_dsq_new() should always initialize iterator BPF programs may call next() and destroy() on BPF iterators even after new() returns an error value (e.g. bpf_for_each() macro ignores error returns from new()). bpf_iter_scx_dsq_new() could leave the iterator in an uninitialized state after an error return causing bpf_iter_scx_dsq_next() to dereference garbage data. Make bpf_iter_scx_dsq_new() always clear $kit->dsq so that next() and destroy() become noops.

Affected (8)

Products: Linux: Linux Kernel

Linux

1 product

Linux Kernel

Configuration A

8 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	From 6.12 to 6.12.30
Linux Linux Kernel	From 6.13 to 6.14.8
Linux Linux Kernel	Version 6.15 rc1
Linux Linux Kernel	Version 6.15 rc2
Linux Linux Kernel	Version 6.15 rc3
Linux Linux Kernel	Version 6.15 rc4
Linux Linux Kernel	Version 6.15 rc5
Linux Linux Kernel	Version 6.15 rc6

Related CWEs

CWE-908

Use of Uninitialized Resource

The product uses or accesses a resource that has not been initialized.

References (3)

https://git.kernel.org/stable/c/0102989af4c334d1d98b2a0fd4d61a5152e39b72

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/255dd31bfc4a67a19b1fc2cd130a50284dadfe3a

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/428dc9fc0873989d73918d4a9cc22745b7bbc799

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

Timeline

No history available yet.