CVE-2025-38607

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)

Description: The Linux kernel contains an issue where the BPF JSET conditional jump is not correctly handled during control flow graph (CFG) computation. This can lead to incorrect live register and strongly connected component (SCC) calculations. Specifically, the can jump() function in verifier.c does not recognize BPF JSET as a jump instruction. This can cause the verifier to miss potential jump targets, leading to inaccurate register liveness analysis.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.