U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. Vulnerabilities

CVE-2025-37940 Detail

Description

In the Linux kernel, the following vulnerability has been resolved: ftrace: Add cond_resched() to ftrace_graph_set_hash() When the kernel contains a large number of functions that can be traced, the loop in ftrace_graph_set_hash() may take a lot of time to execute. This may trigger the softlockup watchdog. Add cond_resched() within the loop to allow the kernel to remain responsive even when processing a large number of functions. This matches the cond_resched() that is used in other locations of the code that iterates over all functions that can be traced.


Metrics

NVD enrichment efforts reference publicly available information to associate vector strings. CVSS information contributed by other sources is also displayed.
CVSS 4.0 Severity and Vector Strings:

NIST CVSS score
NIST: NVD
N/A
NVD assessment not yet provided.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

URL Source(s) Tag(s)
https://git.kernel.org/stable/c/1fce9574b9d515bcb8a75379a8053e18602424e3 kernel.org Patch 
https://git.kernel.org/stable/c/42ea22e754ba4f2b86f8760ca27f6f71da2d982c kernel.org Patch 
https://git.kernel.org/stable/c/4429535acab750d963fdc3dfcc9e0eee42f4d599 kernel.org Patch 
https://git.kernel.org/stable/c/5d336ac215e5c76e43ef4bca9ba699835e53e2fd kernel.org Patch 
https://git.kernel.org/stable/c/618655d54c5f8af5d57b77491d08c0f0ff77d114 kernel.org Patch 
https://git.kernel.org/stable/c/72be43ff061a889c6ee648a330a42486cafa15a6 kernel.org Patch 
https://git.kernel.org/stable/c/8dd7d7280357596ba63dfdb4c1725d9dd24bd42a kernel.org Patch 
https://git.kernel.org/stable/c/dd38803c9088b848c6b56f4f6d7efc4497bfde61 kernel.org Patch 
https://git.kernel.org/stable/c/e5b4ae6f01d4a510d5725eca7254519a1093920d kernel.org Patch 
https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html CVE Third Party Advisory 

Weakness Enumeration

CWE-ID CWE Name Source
CWE-667 Improper Locking cwe source acceptance level NIST  

Known Affected Software Configurations Switch to CPE 2.2

CPEs loading, please wait.

Denotes Vulnerable Software
Are we missing a CPE here? Please let us know.

Change History

3 change records found show changes

Quick Info

CVE Dictionary Entry:
CVE-2025-37940
NVD Published Date:
05/20/2025
NVD Last Modified:
12/19/2025
Source:
kernel.org