CVE-2025-38012

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2025-38012

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-38012.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-38012

Downstream

BELL-CVE-2025-38012

DEBIAN-CVE-2025-38012

UBUNTU-CVE-2025-38012

USN-7699-1

USN-7699-2

USN-7721-1

Published

2025-06-18T09:28:22Z

Modified

2025-10-22T12:11:42.875542Z

Summary

sched_ext: bpf_iter_scx_dsq_new() should always initialize iterator

Details

In the Linux kernel, the following vulnerability has been resolved:

schedext: bpfiterscxdsq_new() should always initialize iterator

BPF programs may call next() and destroy() on BPF iterators even after new() returns an error value (e.g. bpfforeach() macro ignores error returns from new()). bpfiterscxdsqnew() could leave the iterator in an uninitialized state after an error return causing bpfiterscxdsqnext() to dereference garbage data. Make bpfiterscxdsqnew() always clear $kit->dsq so that next() and destroy() become noops.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

650ba21b131ed1f8ee57826b2c6295a3be221132

Fixed

0102989af4c334d1d98b2a0fd4d61a5152e39b72

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

650ba21b131ed1f8ee57826b2c6295a3be221132

Fixed

255dd31bfc4a67a19b1fc2cd130a50284dadfe3a

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

650ba21b131ed1f8ee57826b2c6295a3be221132

Fixed

428dc9fc0873989d73918d4a9cc22745b7bbc799

Affected versions

v6.*

v6.10

v6.10-rc3

v6.10-rc4

v6.10-rc5

v6.10-rc6

v6.10-rc7

v6.11

v6.11-rc1

v6.11-rc2

v6.11-rc3

v6.11-rc4

v6.11-rc5

v6.11-rc6

v6.11-rc7

v6.12

v6.12-rc1

v6.12-rc2

v6.12-rc3

v6.12-rc4

v6.12-rc5

v6.12-rc6

v6.12-rc7

v6.12.1

v6.12.10

v6.12.11

v6.12.12

v6.12.13

v6.12.14

v6.12.15

v6.12.16

v6.12.17

v6.12.18

v6.12.19

v6.12.2

v6.12.20

v6.12.21

v6.12.22

v6.12.23

v6.12.24

v6.12.25

v6.12.26

v6.12.27

v6.12.28

v6.12.29

v6.12.3

v6.12.4

v6.12.5

v6.12.6

v6.12.7

v6.12.8

v6.12.9

v6.13

v6.13-rc1

v6.13-rc2

v6.13-rc3

v6.13-rc4

v6.13-rc5

v6.13-rc6

v6.13-rc7

v6.14

v6.14-rc1

v6.14-rc2

v6.14-rc3

v6.14-rc4

v6.14-rc5

v6.14-rc6

v6.14-rc7

v6.14.1

v6.14.2

v6.14.3

v6.14.4

v6.14.5

v6.14.6

v6.14.7

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

6.12.0

Fixed

6.12.30

Type: ECOSYSTEM
Events: Introduced

6.13.0

Fixed

6.14.8