CVE-2025-38649

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)

Description: An infinite loop in the Coresight devices, specifically within the coresight find activated sysfs sink function, can lead to a stack overflow and system crash. This occurs when only a source device is enabled, causing the function to recursively search for an active sink device. The affected components include replicator1 out, funnel swao in6, tmc etf swao in, tmc etf swao out, replicator1 in, replicator swao in, replicator0 out1, replicator0 in, funnel in1 in3, replicator swao out0, tmc etf out, tmc etf in, funnel merg out, funnel merg in1, and funnel in1 out. As a result of the fix, trace data can only originate from AOSS and reach the ETF SWAO and EUD sinks.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.