CVE-2025-37938: 
Linux Kernel vulnerability analysis and mitigation

CVE-2025-37938 is a vulnerability discovered in the Linux kernel's tracing system, disclosed on May 20, 2025. The vulnerability affects the Linux kernel's tracing subsystem and specifically involves the trace event verifier's handling of event formats containing '%*p..' patterns (NVD, Wiz).

The vulnerability exists in the trace event verifier which checks formats of trace events to ensure they don't reference memory that could be freed before the event is read. The verifier runs at boot time or module load and scans the print formats of events. When encountering formats using '%*p..', the verifier would ignore these patterns instead of properly validating them. The vulnerability has been assigned a CVSS 3.1 score of 7.0 with the vector string CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H (RedHat).

If exploited, this vulnerability could lead to kernel crashes by allowing events to read freed memory. This occurs when an event references data that was allocated during event triggering but is freed before the event is read, potentially causing system instability (NVD).

The vulnerability has been resolved in the Linux kernel through patches that enhance the trace event verifier to properly validate event formats containing '%p..' patterns. The fix includes additional verification for these format specifiers and adds sample code demonstrating the proper use of '%pbl' (NVD).