PT-2025-22209 · Linux+6 · Linux Kernel+6

Published

2025-05-08

·

Updated

2026-05-26

·

CVE-2025-37948

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description A malicious BPF program may manipulate the branch history to influence what the hardware speculates will happen next. The issue is resolved by adding BHB mitigation to the epilogue for cBPF programs. This mitigation is applied for 'classic' cBPF programs loaded by seccomp.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

BDU:2025-11929
CVE-2025-37948
DLA-4271-1
DLA-4327-1
DSA-5925-1
ECHO-FAEC-1CC5-A629
MGASA-2025-0182
MGASA-2025-0183
OESA-2025-1729
OESA-2025-1730
OESA-2025-1870
SUSE-SU-2025:01918-1
SUSE-SU-2025:01964-1
SUSE-SU-2025:01965-1
SUSE-SU-2025:01983-1
SUSE-SU-2025:02000-1
SUSE-SU-2025:02254-1
SUSE-SU-2025:02262-1
SUSE-SU-2025:02264-1
SUSE-SU-2025:02307-1
SUSE-SU-2025:02321-1
SUSE-SU-2025:02333-1
SUSE-SU-2025:02923-1
SUSE-SU-2025:20408-1
SUSE-SU-2025:20413-1
SUSE-SU-2025:20419-1
SUSE-SU-2025:20421-1
SUSE-SU-2025:2264-1
SUSE-SU-2025_01964-1
SUSE-SU-2025_01965-1
SUSE-SU-2025_01983-1
SUSE-SU-2025_02000-1
SUSE-SU-2025_02254-1
SUSE-SU-2025_02262-1
SUSE-SU-2025_02264-1
SUSE-SU-2025_02307-1
SUSE-SU-2025_02333-1
USN-7699-1
USN-7699-2
USN-7721-1
USN-7774-1
USN-7774-2
USN-7774-3
USN-7774-4
USN-7774-5
USN-7775-1
USN-7775-2
USN-7775-3
USN-7776-1
USN-8028-1
USN-8028-2
USN-8028-3
USN-8028-4
USN-8028-5
USN-8028-6
USN-8028-7
USN-8028-8
USN-8031-1
USN-8031-2
USN-8031-3
USN-8052-1
USN-8052-2
USN-8074-1
USN-8074-2
USN-8126-1

Affected Products

Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu