CVE-2025-38233

Name of the Vulnerable Software and Affected Versions: Linux kernel versions 6.14.0 and later

Description: The issue is related to the powerpc64/ftrace component of the Linux kernel, where the register r15 is clobbered during livepatching and not restored, leading to potential kernel crashes. This can result in errors such as "BUG: Unable to handle kernel data access on write" and "Oops: Kernel access of bad area, sig: 11". The problem is caused by the lack of restoration of the r15 register in the livepatch sequence. The estimated number of potentially affected devices worldwide is not specified.

Recommendations: For Linux kernel version 6.14.0 and later, restore the r15 register always during livepatching to prevent kernel crashes. As a temporary workaround, consider disabling livepatching until a patch is available. Restrict access to the powerpc64/ftrace component to minimize the risk of exploitation. Avoid using the PPC FTRACE OUT OF LINE feature in the affected API endpoints until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.