CVE-2025-38489

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2025-38489

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38489.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2025-38489

Downstream

BELL-CVE-2025-38489

DEBIAN-CVE-2025-38489

DSA-5975-1

SUSE-SU-2025:02853-1

SUSE-SU-2025:02923-1

SUSE-SU-2025:02969-1

SUSE-SU-2025:03023-1

UBUNTU-CVE-2025-38489

Related

Published

2025-07-28T12:15:30Z

Modified

2025-08-30T18:01:36Z

Summary

[none]

Details

In the Linux kernel, the following vulnerability has been resolved:

s390/bpf: Fix bpfarchtextpoke() with newaddr == NULL again

Commit 7ded842b356d ("s390/bpf: Fix bpfplt pointer arithmetic") has accidentally removed the critical piece of commit c730fce7c70c ("s390/bpf: Fix bpfarchtextpoke() with newaddr == NULL"), causing intermittent kernel panics in e.g. perf's onswitch() prog to reappear.

Restore the fix and add a comment.

References

Affected packages