UBUNTU-CVE-2025-37898
Vulnerability Summary
Timeline
Description
In the Linux kernel, the following vulnerability has been resolved: powerpc64/ftrace: fix module loading without patchable function entries get_stubs_size assumes that there must always be at least one patchable function entry, which is not always the case (modules that export data but no code), otherwise it returns -ENOEXEC and thus the section header sh_size is set to that value. During module_memory_alloc() the size is passed to execmem_alloc() after being page-aligned and thus set to zero which will cause it to fail the allocation (and thus module loading) as __vmalloc_node_range() checks for zero-sized allocs and returns null: [ 115.466896] module_64: cast_common: doesn't contain __patchable_function_entries. [ 115.469189] ------------[ cut here ]------------ [ 115.469496] WARNING: CPU: 0 PID: 274 at mm/vmalloc.c:3778 __vmalloc_node_range_noprof+0x8b4/0x8f0 ... [ 115.478574] ---[ end trace 0000000000000000 ]--- [ 115.479545] execmem: unable to allocate memory Fix this by removing the check completely, since it is anyway not helpful to propagate this as an error upwards.
CVSS Metrics
- v3.1•MEDIUM•Score: 5.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Systems
- ubuntu•linux-allwinner-5.19
all
- ubuntu•linux-aws-5.0
all
- ubuntu•linux-aws-5.11
all
- ubuntu•linux-aws-5.13
all
- ubuntu•linux-aws-5.19
all
- ubuntu•linux-aws-5.3
all
- ubuntu•linux-aws-5.8
all
- ubuntu•linux-aws-6.14
< 6.14.0-1009.9~24.04.1
- ubuntu•linux-aws-6.2
all
- ubuntu•linux-aws-6.5
all
- ubuntu•linux-azure
all
- ubuntu•linux-azure-5.11
all
- ubuntu•linux-azure-5.13
all
- ubuntu•linux-azure-5.19
all
- ubuntu•linux-azure-5.3
all
- ubuntu•linux-azure-5.8
all
- ubuntu•linux-azure-6.2
all
- ubuntu•linux-azure-6.5
all
- ubuntu•linux-azure-edge
all
- ubuntu•linux-azure-fde
all | all
- ubuntu•linux-azure-fde-5.19
all
- ubuntu•linux-azure-fde-6.17
all
- ubuntu•linux-azure-fde-6.2
all
- ubuntu•linux-bluefield
all
- ubuntu•linux-gcp
all
- ubuntu•linux-gcp-5.11
all
- ubuntu•linux-gcp-5.13
all
- ubuntu•linux-gcp-5.19
all
- ubuntu•linux-gcp-5.3
all
- ubuntu•linux-gcp-5.8
all
- ubuntu•linux-gcp-6.14
< 6.14.0-1011.11~24.04.1
- ubuntu•linux-gcp-6.2
all
- ubuntu•linux-gcp-6.5
all
- ubuntu•linux-gke
all
- ubuntu•linux-gke-4.15
all
- ubuntu•linux-gke-5.15
all
- ubuntu•linux-gke-5.4
all
- ubuntu•linux-gkeop
all
- ubuntu•linux-gkeop-5.15
all
- ubuntu•linux-gkeop-5.4
all
- ubuntu•linux-hwe
all
- ubuntu•linux-hwe-5.11
all
- ubuntu•linux-hwe-5.13
all
- ubuntu•linux-hwe-5.19
all
- ubuntu•linux-hwe-5.8
all
- ubuntu•linux-hwe-6.2
all
- ubuntu•linux-hwe-6.5
all
- ubuntu•linux-hwe-edge
all | all
- ubuntu•linux-intel-5.13
all
- ubuntu•linux-intel-iot-realtime
all
Showing first 50 affected entries in server-rendered view.
References (11)
- https://ubuntu.com/security/CVE-2025-37898
- https://www.cve.org/CVERecord?id=CVE-2025-37898
- https://git.kernel.org/linus/534f5a8ba27863141e29766467a3e1f61bcb47ac
- https://git.kernel.org/stable/c/358b559afec7806b9d01c2405b490e782c347022
- https://git.kernel.org/stable/c/534f5a8ba27863141e29766467a3e1f61bcb47ac
- https://ubuntu.com/security/notices/USN-7649-1
- https://ubuntu.com/security/notices/USN-7650-1
- https://ubuntu.com/security/notices/USN-7649-2
- https://ubuntu.com/security/notices/USN-7665-1
- https://ubuntu.com/security/notices/USN-7665-2
- https://ubuntu.com/security/notices/USN-7721-1