SB20250422112 - Improper locking in Linux kernel loongarch net
Published: April 22, 2025 Updated: May 10, 2025
Security Bulletin ID
SB20250422112
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Improper locking (CVE-ID: CVE-2025-37893)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the build_prologue() function in arch/loongarch/net/bpf_jit.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/205a2182c51ffebaef54d643e3745e720cded08b
- https://git.kernel.org/stable/c/48b904de2408af5f936f0e03f48dfcddeab58aa0
- https://git.kernel.org/stable/c/7e2586991e36663c9bc48c828b83eab180ad30a9
- https://git.kernel.org/stable/c/b3ffad2f02db4aace6799fe0049508b8925eae45
- https://git.kernel.org/stable/c/c74d95a5679741ef428974ab788f5b0758dc78ae
- https://git.kernel.org/stable/c/e9ccb262b39ab01a5ac2e485b7996b8498e7b373
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.134