{"id":"CVE-2025-38233","summary":"powerpc64/ftrace: fix clobbered r15 during livepatching","details":"In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc64/ftrace: fix clobbered r15 during livepatching\n\nWhile r15 is clobbered always with PPC_FTRACE_OUT_OF_LINE, it is\nnot restored in livepatch sequence leading to not so obvious fails\nlike below:\n\n  BUG: Unable to handle kernel data access on write at 0xc0000000000f9078\n  Faulting instruction address: 0xc0000000018ff958\n  Oops: Kernel access of bad area, sig: 11 [#1]\n  ...\n  NIP:  c0000000018ff958 LR: c0000000018ff930 CTR: c0000000009c0790\n  REGS: c00000005f2e7790 TRAP: 0300   Tainted: G              K      (6.14.0+)\n  MSR:  8000000000009033 \u003cSF,EE,ME,IR,DR,RI,LE\u003e  CR: 2822880b  XER: 20040000\n  CFAR: c0000000008addc0 DAR: c0000000000f9078 DSISR: 0a000000 IRQMASK: 1\n  GPR00: c0000000018f2584 c00000005f2e7a30 c00000000280a900 c000000017ffa488\n  GPR04: 0000000000000008 0000000000000000 c0000000018f24fc 000000000000000d\n  GPR08: fffffffffffe0000 000000000000000d 0000000000000000 0000000000008000\n  GPR12: c0000000009c0790 c000000017ffa480 c00000005f2e7c78 c0000000000f9070\n  GPR16: c00000005f2e7c90 0000000000000000 0000000000000000 0000000000000000\n  GPR20: 0000000000000000 c00000005f3efa80 c00000005f2e7c60 c00000005f2e7c88\n  GPR24: c00000005f2e7c60 0000000000000001 c0000000000f9078 0000000000000000\n  GPR28: 00007fff97960000 c000000017ffa480 0000000000000000 c0000000000f9078\n  ...\n  Call Trace:\n    check_heap_object+0x34/0x390 (unreliable)\n  __mutex_unlock_slowpath.isra.0+0xe4/0x230\n  seq_read_iter+0x430/0xa90\n  proc_reg_read_iter+0xa4/0x200\n  vfs_read+0x41c/0x510\n  ksys_read+0xa4/0x190\n  system_call_exception+0x1d0/0x440\n  system_call_vectored_common+0x15c/0x2ec\n\nFix it by restoring r15 always.","modified":"2026-05-15T11:54:21.452485158Z","published":"2025-07-04T13:37:46.293Z","related":["SUSE-SU-2025:21074-1","SUSE-SU-2025:21139-1","SUSE-SU-2025:21179-1","openSUSE-SU-2025:20081-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38233.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/a9212bf5ca640232254b31330e86272fe4073bc9"},{"type":"WEB","url":"https://git.kernel.org/stable/c/cb5b691f8273432297611863ac142e17119279e0"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38233.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38233"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"6.13.0"},{"fixed":"6.15.4"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38233.json"}}],"schema_version":"1.7.5"}