CVE-2025-38055

5.5 MEDIUM

📋 TL;DR

A NULL pointer dereference vulnerability in the Linux kernel's perf/x86/intel subsystem causes a kernel panic (segfault) when using PEBS-via-PT with sample frequency instead of sample period. This affects Linux systems with Intel processors using performance monitoring features. The vulnerability can lead to denial of service through system crashes.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Specific affected versions not explicitly stated in CVE, but patches exist in stable kernel trees
Operating Systems: Linux distributions using affected kernel versions
Default Config Vulnerable: ✅ No
Notes: Only vulnerable when using PEBS-via-PT with sample frequency configuration. Requires Intel processors with performance monitoring support.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

⚠️ Risk & Real-World Impact

🔴

Worst Case

System crashes with kernel panic, causing complete denial of service and potential data loss or corruption.

🟠

Likely Case

System instability or crashes when specific performance monitoring configurations are used, leading to service disruption.

🟢

If Mitigated

No impact if performance monitoring with PEBS-via-PT and sample frequency is not configured.

🌐 Internet-Facing: LOW - Requires local access and specific performance monitoring configuration.
🏢 Internal Only: MEDIUM - Could be exploited by local users or through misconfigured monitoring tools to crash systems.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires local access and ability to configure performance monitoring events with specific parameters. Not trivial to exploit accidentally.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Patches available in stable kernel trees (commits: 0b1874a5b1173fbcb2185ab828f4c33d067e551e, 99bcd91fabada0dbb1d5f0de44532d8008db93c6, ca51db23166767a8445deb8331c9b8d5205d9287)

Vendor Advisory: https://git.kernel.org/stable/c/0b1874a5b1173fbcb2185ab828f4c33d067e551e

Restart Required: Yes

Instructions:

1. Update Linux kernel to patched version from official distribution repositories.
2. Reboot system to load new kernel.
3. Verify kernel version matches patched release.

🔧 Temporary Workarounds

Disable PEBS-via-PT with sample frequency

Avoid using PEBS-via-PT with sample frequency configuration in performance monitoring tools.

# Configure performance monitoring tools to use sample period instead of sample frequency
# Or disable PEBS-via-PT features entirely

🧯 If You Can't Patch

  • Restrict access to performance monitoring capabilities using kernel.perf_event_paranoid sysctl
  • Monitor system logs for kernel panic events and investigate any performance monitoring tool usage

🔍 How to Verify

Check if Vulnerable:

Check if system has performance monitoring tools configured with PEBS-via-PT and sample frequency. Review kernel logs for NULL pointer dereference errors related to perf/x86/intel.

Check Version:

uname -r

Verify Fix Applied:

Check kernel version against patched releases. Test performance monitoring with PEBS-via-PT and sample frequency configuration to ensure no crashes occur.

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic messages
  • NULL pointer dereference errors in dmesg
  • BUG: kernel NULL pointer dereference at address: 0000000000000195

Network Indicators:

  • None - local vulnerability only

SIEM Query:

source="kernel" AND ("NULL pointer dereference" OR "BUG: kernel" OR "perf/x86/intel")
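
The query above matches any kernel BUG line or any mention of perf, so it will also fire on unrelated oopses. The following is an added example, not part of the original advisory, that narrows triage to NULL-dereference oopses whose trace contains PMU/PEBS frames; the `pebs|intel_pmu` symbol heuristic, the function names and both sample logs are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: triage kernel log text for the oops signature listed above.
# Assumption: an oops from this bug carries PMU/PEBS frames (symbols containing
# "pebs" or "intel_pmu") in the lines that follow the BUG line.

# classify_oops [WINDOW]: read kernel log text on stdin and print one verdict:
#   match     - NULL-deref oops with PMU/PEBS frames in its trace
#   unrelated - NULL-deref oops without such frames
#   clean     - no NULL-deref oops
classify_oops() {
    awk -v window="${1:-40}" '
        /BUG: kernel NULL pointer dereference/ { seen = 1; left = window; next }
        /---\[ end trace/ { left = 0 }          # trace finished, stop looking
        left > 0 { left--; if ($0 ~ /pebs|intel_pmu/) hit = 1 }
        END { print (hit ? "match" : (seen ? "unrelated" : "clean")) }'
}

# Constructed sample: oops with the address from the advisory and PMU frames.
sample_perf_oops() {
cat <<'EOF'
[  101.000001] BUG: kernel NULL pointer dereference at address: 0000000000000195
[  101.000002] Call Trace:
[  101.000003]  <NMI>
[  101.000004]  intel_pmu_handle_irq+0x0/0x0
[  101.000005]  perf_event_nmi_handler+0x0/0x0
[  101.000006] ---[ end trace 0000000000000000 ]---
EOF
}

# Constructed sample: a different NULL deref plus an ordinary perf message,
# which the broad SIEM query would also match.
sample_other_oops() {
cat <<'EOF'
[  202.000001] BUG: kernel NULL pointer dereference at address: 0000000000000010
[  202.000002] Call Trace:
[  202.000003]  example_driver_ioctl+0x0/0x0
[  202.000004] ---[ end trace 0000000000000000 ]---
[  203.000001] perf: interrupt took too long, lowering kernel.perf_event_max_sample_rate
EOF
}

echo "perf oops sample:  $(sample_perf_oops | classify_oops)"
echo "other oops sample: $(sample_other_oops | classify_oops)"
```

On a live host, pipe `dmesg` or `journalctl -k` output into `classify_oops` instead of the samples.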
