CVE-2025-71115

Summary

In the Linux kernel, the following vulnerability has been resolved:

um: init cpu_tasks[] earlier

This is currently done in uml_finishsetup(), but e.g. with KCOV enabled we'll crash because some init code can call into e.g. memparse(), which has coverage annotations, and then the checks in check_kcov_mode() crash because current is NULL.

Simply initialize the cpu_tasks[] array statically, which fixes the crash. For the later SMP work, it seems to have not really caused any problems yet, but initialize all of the entries anyway.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux2f681ba4b352cdd5658ed2a96062375a12839755 < dbbf6d47130674640cd12a0781a0fb2a575d0e44affected
LinuxLinux2f681ba4b352cdd5658ed2a96062375a12839755 < 7b5d4416964c07c902163822a30a622111172b01affected
LinuxLinux6.13affected
LinuxLinux0 < 6.13unaffected
LinuxLinux6.18.3 <= 6.18.*unaffected
LinuxLinux6.19 <= *unaffected

Weaknesses

References