PT-2025-20530 · Linux+4 · Linux Kernel+4

Published: 2025-04-06 · Updated: 2026-05-26 · CVE-2025-37878

CVSS v3.1: 5.5 (Medium)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel (affected versions not specified)

Description

The issue is related to a problem in the Linux kernel's perf/core subsystem, where a WARN_ON_ONCE() cleanup check could trigger after the initial check passed but before the child event's context was assigned, violating its precondition. This occurred due to changes in the code over time, including the addition of an early validity check and a WARN_ON_ONCE() cleanup check. The solution involves assigning the child event's context right after its initial validation, ensuring the context exists for any subsequent checks or cleanup routines.

Recommendations

To resolve this issue, update the Linux kernel to a version that includes the fix for the perf/core subsystem, where the get_ctx(child_ctx) call and the child_event->ctx assignment are moved to occur immediately after the child event is allocated. As a temporary workaround, consider disabling the free_event() function until a patch is available. However, since the exact affected and fixed versions are not specified, it is crucial to refer to the official Linux kernel updates for precise guidance on resolving this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
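
The ordering problem described above, shown as an added user-space model in C. It is not kernel code and not part of the original advisory. All `*_model` names, the `warn_hits` counter and the `setup_fails` / `assign_early` parameters are hypothetical stand-ins for the allocation, the context assignment and the cleanup check.

```c
/* Simplified user-space model; every *_model name is hypothetical. */
#include <stdio.h>
#include <stdlib.h>
struct ctx_model   { int refcount; };
struct event_model { struct ctx_model *ctx; };
static int warn_hits;   /* counts firings of the modelled WARN_ON_ONCE() */
static void attach_ctx_model(struct event_model *ev, struct ctx_model *c)
{
    c->refcount++;      /* models get_ctx(child_ctx) */
    ev->ctx = c;        /* models child_event->ctx = child_ctx */
}
/* Cleanup whose precondition is that ev->ctx is already assigned. */
static void free_event_model(struct event_model *ev)
{
    if (!ev->ctx)
        warn_hits++;            /* precondition violated */
    else
        ev->ctx->refcount--;    /* drop the reference taken at attach */
    free(ev);
}
/* assign_early: 1 = attach right after allocation, 0 = attach after setup.
 * setup_fails simulates an error in between. Returns 0 on success, -1 on error. */
static int inherit_event_model(struct ctx_model *child_ctx,
                               int setup_fails, int assign_early)
{
    struct event_model *child = calloc(1, sizeof(*child));
    if (!child)
        return -1;
    if (assign_early)
        attach_ctx_model(child, child_ctx);
    if (setup_fails) {
        free_event_model(child);    /* error path runs the cleanup check */
        return -1;
    }
    if (!assign_early)
        attach_ctx_model(child, child_ctx);
    free_event_model(child);        /* model only: release immediately */
    return 0;
}

int main(void)
{
    struct ctx_model ctx = { 1 };
    inherit_event_model(&ctx, 1, 0);
    printf("late assignment:  warn_hits=%d\n", warn_hits);
    inherit_event_model(&ctx, 1, 1);
    printf("early assignment: warn_hits=%d (unchanged)\n", warn_hits);
    return 0;
}
```

With the late ordering, the error path reaches the cleanup check while the context pointer is still NULL. With the early ordering, the same error path finds the context in place and the reference count stays balanced.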

Exploit

Assertion Failure

Weakness Enumeration

Related Identifiers

AZL-70150
BDU:2026-01389
CVE-2025-37878
ECHO-8D26-B0FE-6E88
MGASA-2025-0182
MGASA-2025-0183
OESA-2025-1539
OESA-2025-1540
USN-7594-1
USN-7594-2
USN-7594-3
USN-8028-1
USN-8028-2
USN-8028-3
USN-8028-4
USN-8028-5
USN-8028-6
USN-8028-7
USN-8028-8
USN-8031-1
USN-8031-2
USN-8031-3
USN-8052-1
USN-8052-2
USN-8074-1
USN-8074-2
USN-8126-1

Affected Products

Astra Linux
Debian
Linuxmint
Linux Kernel
Ubuntu