PT-2025-27977 · Linux+6 · Linux Kernel+6

Published

2025-07-04

·

Updated

2026-05-26

·

CVE-2025-38202

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)
Description: A vulnerability in the Linux kernel has been resolved. The issue is related to the bpf map lookup percpu elem() helper function, which is available for sleepable BPF programs. When BPF JIT is disabled or under a 32-bit host, bpf map lookup percpu elem() will not be inlined, triggering a warning because the BPF program only holds the rcu read lock trace lock. To address this, a check for rcu read lock trace held() has been added to bpf map lookup percpu elem().
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

ALSA-2026:18134
AZL-64698
BDU:2025-10764
CVE-2025-38202
DLA-4328-1
DSA-5973-1
ECHO-CA5E-A870-C0AD
MGASA-2025-0218
MGASA-2025-0219
OESA-2025-1823
OESA-2025-1824
OESA-2025-1870
SUSE-SU-2025:02853-1
SUSE-SU-2025:02923-1
SUSE-SU-2025:02969-1
SUSE-SU-2025:02996-1
SUSE-SU-2025:02997-1
SUSE-SU-2025:03011-1
SUSE-SU-2025:03023-1
SUSE-SU-2025:20577-1
SUSE-SU-2025:20586-1
SUSE-SU-2025:20601-1
SUSE-SU-2025:20602-1
SUSE-SU-2025_02853-1
SUSE-SU-2025_02969-1
SUSE-SU-2025_02996-1
SUSE-SU-2025_02997-1
SUSE-SU-2025_03011-1
SUSE-SU-2025_03023-1
USN-7833-1
USN-7833-2
USN-7833-3
USN-7833-4
USN-7834-1
USN-7856-1
USN-8028-1
USN-8028-2
USN-8028-3
USN-8028-4
USN-8028-5
USN-8028-6
USN-8028-7
USN-8028-8
USN-8031-1
USN-8031-2
USN-8031-3
USN-8052-1
USN-8052-2
USN-8074-1
USN-8074-2
USN-8126-1

Affected Products

Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu