CVE-2025-38280

Updated: 2025-12-28 03:37:52.812329

Description:

In the Linux kernel, the following vulnerability has been resolved: bpf: Avoid __bpf_prog_ret0_warn when jit fails syzkaller reported an issue: WARNING: CPU: 3 PID: 217 at kernel/bpf/core.c:2357 __bpf_prog_ret0_warn+0xa/0x20 kernel/bpf/core.c:2357 Modules linked in: CPU: 3 UID: 0 PID: 217 Comm: kworker/u32:6 Not tainted 6.15.0-rc4-syzkaller-00040-g8bac8898fe39 RIP: 0010:__bpf_prog_ret0_warn+0xa/0x20 kernel/bpf/core.c:2357 Call Trace: <TASK> bpf_dispatcher_nop_func include/linux/bpf.h:1316 [inline] __bpf_prog_run include/linux/filter.h:718 [inline] bpf_prog_run include/linux/filter.h:725 [inline] cls_bpf_classify+0x74a/0x1110 net/sched/cls_bpf.c:105 ... When creating bpf program, 'fp->jit_requested' depends on bpf_jit_enable. This issue is triggered because of CONFIG_BPF_JIT_ALWAYS_ON is not set and bpf_jit_enable is set to 1, causing the arch to attempt JIT the prog, but jit failed due to FAULT_INJECTION. As a result, incorrectly treats the program as valid, when the program runs it calls `__bpf_prog_ret0_warn` and triggers the WARN_ON_ONCE(1).


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x 0.0
CVSS Version 3.x HIGH 7.8

Status

OS name Project name Version Score Severity Status Errata Last updated

Statement
AlmaLinux 9.2 ESU kernel 5.14.0 7.8 HIGH Released CLSA-2026:1768663754 2026-01-17 19:45:31
CentOS 8.4 ELS kernel 4.18.0 7.8 HIGH Not Vulnerable 2026-01-28 12:18:36
CentOS 8.5 ELS kernel 4.18.0 7.8 HIGH Not Vulnerable 2026-01-28 12:18:36
CentOS Stream 8 ELS kernel 4.18.0 7.8 HIGH Released CLSA-2026:1770032032 2026-02-02 15:15:35
Oracle Linux 7 ELS kernel-uek 5.4.17 7.8 HIGH Needs Triage 2025-12-28 06:59:38
TuxCare 9.6 ESU kernel 5.14.0 7.8 HIGH In Testing 2026-01-13 11:25:51
Ubuntu 16.04 ELS linux-hwe 4.15.0 7.8 HIGH Needs Triage 2025-12-28 07:13:00
Ubuntu 18.04 ELS linux 4.15.0 7.8 HIGH Needs Triage 2025-12-28 07:28:10
Ubuntu 20.04 ELS linux 5.4.0 7.8 HIGH Not Vulnerable 2026-02-03 16:02:35