Russian Vulnerability Scanner Database

Back to List

CVE-2025-37991

Scores

EPSS

0.000none0.0%
0%20%40%60%80%100%

Percentile: 0.0%

Description

In the Linux kernel, the following vulnerability has been resolved:

parisc: Fix double SIGFPE crash

Camm noticed that on parisc a SIGFPE exception will crash an application with
a second SIGFPE in the signal handler. Dave analyzed it, and it happens
because glibc uses a double-word floating-point store to atomically update
function descriptors. As a result of lazy binding, we hit a floating-point
store in fpe_func almost immediately.

When the T bit is set, an assist exception trap occurs when when the
co-processor encounters any floating-point instruction except for a double
store of register %fr0. The latter cancels all pending traps. Let’s fix this
by clearing the Trap (T) bit in the FP status register before returning to the
signal handler in userspace.

The issue can be reproduced with this test program:

root@parisc:~# cat fpe.c

static void fpe_func(int sig, siginfo_t *i, void *v) {
sigset_t set;
sigemptyset(&set);
sigaddset(&set, SIGFPE);
sigprocmask(SIG_UNBLOCK, &set, NULL);
printf(“GOT signal %d with si_code %ld\n”, sig, i->si_code);
}

int main() {
struct sigaction action = {
.sa_sigaction = fpe_func,
.sa_flags = SA_RESTART|SA_SIGINFO };
sigaction(SIGFPE, &action, 0);
feenableexcept(FE_OVERFLOW);
return printf(“%lf\n”,1.7976931348623158E308*1.7976931348623158E308);
}

root@parisc:~# gcc fpe.c -lm
root@parisc:~# ./a.out
Floating point exception

root@parisc:~# strace -f ./a.out
execve(“./a.out”, [“./a.out”], 0xf9ac7034 /* 20 vars */) = 0
getrlimit(RLIMIT_STACK, {rlim_cur=8192*1024, rlim_max=RLIM_INFINITY}) = 0

rt_sigaction(SIGFPE, {sa_handler=0x1110a, sa_mask=[], sa_flags=SA_RESTART|SA_SIGINFO}, NULL, 8) = 0
— SIGFPE {si_signo=SIGFPE, si_code=FPE_FLTOVF, si_addr=0x1078f} —
— SIGFPE {si_signo=SIGFPE, si_code=FPE_FLTOVF, si_addr=0xf8f21237} —
+++ killed by SIGFPE +++
Floating point exception

Scaner-VS 7 — a modern vulnerability management solution

Uses this database for vulnerability detection. High-speed search, cross-platform, advanced configuration audit, and flexible filtering. Suitable for organizations of any size.
Learn more about Scaner-VS 7

Sources

astradebianubuntu

Related Vulnerabilities

BDU:2025-11790

Vulnerable Software (164)

Type: Configuration

Product: linux

Operating System: ubuntu bionic 18.04

Trait: 
{  "unfixed": true}

Source: ubuntu

Type: Configuration

Product: linux

Operating System: ubuntu focal 20.04

Trait: 
{  "unfixed": true}

Source: ubuntu

Type: Configuration

Product: linux

Operating System: ubuntu jammy 22.04

Trait: 
{  "fixed": "5.15.0-144.157"}

Source: ubuntu

Type: Configuration

Product: linux

Operating System: ubuntu trusty 14.04

Trait: 
{  "unfixed": true}

Source: ubuntu

Type: Configuration

Product: linux

Operating System: ubuntu xenial 16.04

Trait: 
{  "unfixed": true}

Source: ubuntu

Type: Configuration

Product: linux

Operating System: debian

Trait: 
{  "fixed": "6.12.29-1"}

Source: debian

Type: Configuration

Product: linux

Operating System: debian bullseye 11

Trait: 
{  "unfixed": true}

Source: debian

Type: Configuration

Product: linux-6.1

Operating System: astra 4.7.0

Trait: 
{  "unaffected": true}

Source: astra

Type: Configuration

Product: linux-allwinner-5.19

Operating System: ubuntu jammy 22.04

Trait: 
{  "unfixed": true}

Source: ubuntu

Type: Configuration

Product: linux-aws

Operating System: ubuntu bionic 18.04

Trait: 
{  "unfixed": true}

Source: ubuntu