CVE-2025-38607 — Vulnetix

Try Vulnetix Request Demo

CVE-2025-38607 PUBLISHED CVSS 5.5 MEDIUM

In the Linux kernel, the following vulnerability has been resolved: bpf: handle jset (if a & b ...) as a jump in CFG computation BPF_JSET is a conditional jump and currently verifier.c:can_jump() does not know about that. This can lead to incorrect live registers and SCC computation. E.g. in the following example: 1: r0 = 1; 2: r2 = 2; 3: if r1 & 0x7 goto +1; 4: exit; 5: r0 = r2; 6: exit; W/o this fix insn_successors(3) will return only (4), a jump to (5) would be missed and r2 won't be marked as alive at (3).

EPSS 0.01% · 2.1th percentile

Risk Scores

CVSS v3.1

5.5

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS Score

0.01%

2.1th percentile

Affected Products

Vendor	Product	Versions
linux	linux_kernel	6.15, 6.15, 6.15
Linux	Linux	6.15.10, 14c8552db64476ffc27c13dc6652fc0dac31c0ba, 6.17

Timeline

Jan 21, 1970 Security Advisory
Aug 19, 2025 CVE Published
Aug 20, 2025 EPSS Score
Aug 20, 2025 Coalition ESS Score
Aug 26, 2025 Coalition ESS Score
Aug 27, 2025 EPSS Score
Sep 4, 2025 EPSS Score
Sep 11, 2025 EPSS Score
Sep 19, 2025 EPSS Score
Sep 26, 2025 EPSS Score
Oct 4, 2025 EPSS Score
Oct 4, 2025 Coalition ESS Score

References

Open in Interactive Console →