{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T07:14:34.304","vulnerabilities":[{"cve":{"id":"CVE-2025-38586","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2025-08-19T17:15:36.113","lastModified":"2025-11-26T17:58:10.127","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, arm64: Fix fp initialization for exception boundary\n\nIn the ARM64 BPF JIT when prog->aux->exception_boundary is set for a BPF\nprogram, find_used_callee_regs() is not called because for a program\nacting as exception boundary, all callee saved registers are saved.\nfind_used_callee_regs() sets `ctx->fp_used = true;` when it sees FP\nbeing used in any of the instructions.\n\nFor programs acting as exception boundary, ctx->fp_used remains false\neven if frame pointer is used by the program and therefore, FP is not\nset-up for such programs in the prologue. This can cause the kernel to\ncrash due to a pagefault.\n\nFix it by setting ctx->fp_used = true for exception boundary programs as\nfp is always saved in such programs."},{"lang":"es","value":"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: bpf, arm64: Arreglar la inicialización de fp para el límite de excepción En el JIT BPF de ARM64 cuando se configura prog->aux->exception_boundary para un programa BPF, no se llama a find_used_callee_regs() porque para un programa que actúa como límite de excepción, se guardan todos los registros guardados del llamado. find_used_callee_regs() establece `ctx->fp_used = true;` cuando ve que se usa FP en cualquiera de las instrucciones. Para los programas que actúan como límite de excepción, ctx->fp_used permanece falso incluso si el programa usa el puntero de frame y, por lo tanto, FP no está configurado para tales programas en el prólogo. Esto puede hacer que el kernel se bloquee debido a un fallo de página. Corríjalo configurando ctx->fp_used = true para los programas con límite de excepción, ya que fp siempre se guarda en tales programas."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-476"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.12","versionEndExcluding":"6.12.42","matchCriteriaId":"1FC3F76F-C8CF-4B19-AC3D-AA1AE05558D7"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.15.10","matchCriteriaId":"5890C690-B295-40C2-9121-FF5F987E5142"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.16","versionEndExcluding":"6.16.1","matchCriteriaId":"58182352-D7DF-4CC9-841E-03C1D852C3FB"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/0dbef493cae7d451f740558665893c000adb2321","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/1ce30231e0a2c8c361ee5f8f7f265fc17130adce","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/b114fcee766d5101eada1aca7bb5fd0a86c89b35","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/e23184725dbb72d5d02940222eee36dbba2aa422","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}}]}