CVE-2025-37893

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to an off-by-one error in the build prologue() function when running BPF programs with tailcalls on LoongArch, causing a kernel hard lockup. The problem arises from the JIT compiling process, where the first pass sets flags and the second pass generates JIT code based on those flags. When BPF programs mix bpf2bpf and tailcalls, build prologue() generates a different number of instructions in the two passes, leading to an incorrect epilogue offset and causing the lockup.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.