ghsa-hc3m-pcgg-jv94
Vulnerability from github
In the Linux kernel, the following vulnerability has been resolved:
powerpc64/ftrace: fix module loading without patchable function entries
get_stubs_size assumes that there must always be at least one patchable function entry, which is not always the case (modules that export data but no code), otherwise it returns -ENOEXEC and thus the section header sh_size is set to that value. During module_memory_alloc() the size is passed to execmem_alloc() after being page-aligned and thus set to zero which will cause it to fail the allocation (and thus module loading) as __vmalloc_node_range() checks for zero-sized allocs and returns null:
[ 115.466896] module_64: cast_common: doesn't contain __patchable_function_entries. [ 115.469189] ------------[ cut here ]------------ [ 115.469496] WARNING: CPU: 0 PID: 274 at mm/vmalloc.c:3778 __vmalloc_node_range_noprof+0x8b4/0x8f0 ... [ 115.478574] ---[ end trace 0000000000000000 ]--- [ 115.479545] execmem: unable to allocate memory
Fix this by removing the check completely, since it is anyway not helpful to propagate this as an error upwards.
{
"affected": [],
"aliases": [
"CVE-2025-37898"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-05-20T16:15:26Z",
"severity": null
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc64/ftrace: fix module loading without patchable function entries\n\nget_stubs_size assumes that there must always be at least one patchable\nfunction entry, which is not always the case (modules that export data\nbut no code), otherwise it returns -ENOEXEC and thus the section header\nsh_size is set to that value. During module_memory_alloc() the size is\npassed to execmem_alloc() after being page-aligned and thus set to zero\nwhich will cause it to fail the allocation (and thus module loading) as\n__vmalloc_node_range() checks for zero-sized allocs and returns null:\n\n[ 115.466896] module_64: cast_common: doesn\u0027t contain __patchable_function_entries.\n[ 115.469189] ------------[ cut here ]------------\n[ 115.469496] WARNING: CPU: 0 PID: 274 at mm/vmalloc.c:3778 __vmalloc_node_range_noprof+0x8b4/0x8f0\n...\n[ 115.478574] ---[ end trace 0000000000000000 ]---\n[ 115.479545] execmem: unable to allocate memory\n\nFix this by removing the check completely, since it is anyway not\nhelpful to propagate this as an error upwards.",
"id": "GHSA-hc3m-pcgg-jv94",
"modified": "2025-05-20T18:30:54Z",
"published": "2025-05-20T18:30:54Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-37898"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/358b559afec7806b9d01c2405b490e782c347022"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/534f5a8ba27863141e29766467a3e1f61bcb47ac"
}
],
"schema_version": "1.4.0",
"severity": []
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.