CVE-2025-71125 (GCVE-0-2025-71125)

Vulnerability from cvelistv5 – Published: 2026-01-14 15:06 – Updated: 2026-02-09 08:35
VLAI?
Title
tracing: Do not register unsupported perf events
Summary
In the Linux kernel, the following vulnerability has been resolved: tracing: Do not register unsupported perf events Synthetic events currently do not have a function to register perf events. This leads to calling the tracepoint register functions with a NULL function pointer which triggers: ------------[ cut here ]------------ WARNING: kernel/tracepoint.c:175 at tracepoint_add_func+0x357/0x370, CPU#2: perf/2272 Modules linked in: kvm_intel kvm irqbypass CPU: 2 UID: 0 PID: 2272 Comm: perf Not tainted 6.18.0-ftest-11964-ge022764176fc-dirty #323 PREEMPTLAZY Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.17.0-debian-1.17.0-1 04/01/2014 RIP: 0010:tracepoint_add_func+0x357/0x370 Code: 28 9c e8 4c 0b f5 ff eb 0f 4c 89 f7 48 c7 c6 80 4d 28 9c e8 ab 89 f4 ff 31 c0 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc <0f> 0b 49 c7 c6 ea ff ff ff e9 ee fe ff ff 0f 0b e9 f9 fe ff ff 0f RSP: 0018:ffffabc0c44d3c40 EFLAGS: 00010246 RAX: 0000000000000001 RBX: ffff9380aa9e4060 RCX: 0000000000000000 RDX: 000000000000000a RSI: ffffffff9e1d4a98 RDI: ffff937fcf5fd6c8 RBP: 0000000000000001 R08: 0000000000000007 R09: ffff937fcf5fc780 R10: 0000000000000003 R11: ffffffff9c193910 R12: 000000000000000a R13: ffffffff9e1e5888 R14: 0000000000000000 R15: ffffabc0c44d3c78 FS: 00007f6202f5f340(0000) GS:ffff93819f00f000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 000055d3162281a8 CR3: 0000000106a56003 CR4: 0000000000172ef0 Call Trace: <TASK> tracepoint_probe_register+0x5d/0x90 synth_event_reg+0x3c/0x60 perf_trace_event_init+0x204/0x340 perf_trace_init+0x85/0xd0 perf_tp_event_init+0x2e/0x50 perf_try_init_event+0x6f/0x230 ? perf_event_alloc+0x4bb/0xdc0 perf_event_alloc+0x65a/0xdc0 __se_sys_perf_event_open+0x290/0x9f0 do_syscall_64+0x93/0x7b0 ? entry_SYSCALL_64_after_hwframe+0x76/0x7e ? trace_hardirqs_off+0x53/0xc0 entry_SYSCALL_64_after_hwframe+0x76/0x7e Instead, have the code return -ENODEV, which doesn't warn and has perf error out with: # perf record -e synthetic:futex_wait Error: The sys_perf_event_open() syscall returned with 19 (No such device) for event (synthetic:futex_wait). "dmesg | grep -i perf" may provide additional information. Ideally perf should support synthetic events, but for now just fix the warning. The support can come later.
Severity ?
No CVSS data available.
Assigner
References
Impacted products
Vendor Product Version
Linux Linux Affected: 4b147936fa509650beaf638b331573c23ba4d609 , < 6819bc6285c0ff835f67cfae7efebc03541782f6 (git)
Affected: 4b147936fa509650beaf638b331573c23ba4d609 , < 6d15f08e6d8d4b4fb02d90805ea97f3e2c1d6fbc (git)
Affected: 4b147936fa509650beaf638b331573c23ba4d609 , < f7305697b60d79bc69c0a6e280fc931b4e8862dd (git)
Affected: 4b147936fa509650beaf638b331573c23ba4d609 , < 65b1971147ec12f0b1cee0811c859a3d7d9b04ce (git)
Affected: 4b147936fa509650beaf638b331573c23ba4d609 , < 3437c775bf209c674ad66304213b6b3c3b1b3f69 (git)
Affected: 4b147936fa509650beaf638b331573c23ba4d609 , < 6df47e5bb9b62d72f186f826ab643ea1856877c7 (git)
Affected: 4b147936fa509650beaf638b331573c23ba4d609 , < ef7f38df890f5dcd2ae62f8dbde191d72f3bebae (git)
Create a notification for this product.
    Linux Linux Affected: 4.17
Unaffected: 0 , < 4.17 (semver)
Unaffected: 5.10.248 , ≤ 5.10.* (semver)
Unaffected: 5.15.198 , ≤ 5.15.* (semver)
Unaffected: 6.1.160 , ≤ 6.1.* (semver)
Unaffected: 6.6.120 , ≤ 6.6.* (semver)
Unaffected: 6.12.64 , ≤ 6.12.* (semver)
Unaffected: 6.18.3 , ≤ 6.18.* (semver)
Unaffected: 6.19 , ≤ * (original_commit_for_fix)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "kernel/trace/trace_events.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "6819bc6285c0ff835f67cfae7efebc03541782f6",
              "status": "affected",
              "version": "4b147936fa509650beaf638b331573c23ba4d609",
              "versionType": "git"
            },
            {
              "lessThan": "6d15f08e6d8d4b4fb02d90805ea97f3e2c1d6fbc",
              "status": "affected",
              "version": "4b147936fa509650beaf638b331573c23ba4d609",
              "versionType": "git"
            },
            {
              "lessThan": "f7305697b60d79bc69c0a6e280fc931b4e8862dd",
              "status": "affected",
              "version": "4b147936fa509650beaf638b331573c23ba4d609",
              "versionType": "git"
            },
            {
              "lessThan": "65b1971147ec12f0b1cee0811c859a3d7d9b04ce",
              "status": "affected",
              "version": "4b147936fa509650beaf638b331573c23ba4d609",
              "versionType": "git"
            },
            {
              "lessThan": "3437c775bf209c674ad66304213b6b3c3b1b3f69",
              "status": "affected",
              "version": "4b147936fa509650beaf638b331573c23ba4d609",
              "versionType": "git"
            },
            {
              "lessThan": "6df47e5bb9b62d72f186f826ab643ea1856877c7",
              "status": "affected",
              "version": "4b147936fa509650beaf638b331573c23ba4d609",
              "versionType": "git"
            },
            {
              "lessThan": "ef7f38df890f5dcd2ae62f8dbde191d72f3bebae",
              "status": "affected",
              "version": "4b147936fa509650beaf638b331573c23ba4d609",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "kernel/trace/trace_events.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.17"
            },
            {
              "lessThan": "4.17",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.248",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.198",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.160",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.120",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.64",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.18.*",
              "status": "unaffected",
              "version": "6.18.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.19",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.248",
                  "versionStartIncluding": "4.17",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.198",
                  "versionStartIncluding": "4.17",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.160",
                  "versionStartIncluding": "4.17",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.120",
                  "versionStartIncluding": "4.17",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.12.64",
                  "versionStartIncluding": "4.17",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.18.3",
                  "versionStartIncluding": "4.17",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.19",
                  "versionStartIncluding": "4.17",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Do not register unsupported perf events\n\nSynthetic events currently do not have a function to register perf events.\nThis leads to calling the tracepoint register functions with a NULL\nfunction pointer which triggers:\n\n ------------[ cut here ]------------\n WARNING: kernel/tracepoint.c:175 at tracepoint_add_func+0x357/0x370, CPU#2: perf/2272\n Modules linked in: kvm_intel kvm irqbypass\n CPU: 2 UID: 0 PID: 2272 Comm: perf Not tainted 6.18.0-ftest-11964-ge022764176fc-dirty #323 PREEMPTLAZY\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.17.0-debian-1.17.0-1 04/01/2014\n RIP: 0010:tracepoint_add_func+0x357/0x370\n Code: 28 9c e8 4c 0b f5 ff eb 0f 4c 89 f7 48 c7 c6 80 4d 28 9c e8 ab 89 f4 ff 31 c0 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc \u003c0f\u003e 0b 49 c7 c6 ea ff ff ff e9 ee fe ff ff 0f 0b e9 f9 fe ff ff 0f\n RSP: 0018:ffffabc0c44d3c40 EFLAGS: 00010246\n RAX: 0000000000000001 RBX: ffff9380aa9e4060 RCX: 0000000000000000\n RDX: 000000000000000a RSI: ffffffff9e1d4a98 RDI: ffff937fcf5fd6c8\n RBP: 0000000000000001 R08: 0000000000000007 R09: ffff937fcf5fc780\n R10: 0000000000000003 R11: ffffffff9c193910 R12: 000000000000000a\n R13: ffffffff9e1e5888 R14: 0000000000000000 R15: ffffabc0c44d3c78\n FS:  00007f6202f5f340(0000) GS:ffff93819f00f000(0000) knlGS:0000000000000000\n CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 000055d3162281a8 CR3: 0000000106a56003 CR4: 0000000000172ef0\n Call Trace:\n  \u003cTASK\u003e\n  tracepoint_probe_register+0x5d/0x90\n  synth_event_reg+0x3c/0x60\n  perf_trace_event_init+0x204/0x340\n  perf_trace_init+0x85/0xd0\n  perf_tp_event_init+0x2e/0x50\n  perf_try_init_event+0x6f/0x230\n  ? perf_event_alloc+0x4bb/0xdc0\n  perf_event_alloc+0x65a/0xdc0\n  __se_sys_perf_event_open+0x290/0x9f0\n  do_syscall_64+0x93/0x7b0\n  ? entry_SYSCALL_64_after_hwframe+0x76/0x7e\n  ? trace_hardirqs_off+0x53/0xc0\n  entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nInstead, have the code return -ENODEV, which doesn\u0027t warn and has perf\nerror out with:\n\n # perf record -e synthetic:futex_wait\nError:\nThe sys_perf_event_open() syscall returned with 19 (No such device) for event (synthetic:futex_wait).\n\"dmesg | grep -i perf\" may provide additional information.\n\nIdeally perf should support synthetic events, but for now just fix the\nwarning. The support can come later."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-09T08:35:20.806Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/6819bc6285c0ff835f67cfae7efebc03541782f6"
        },
        {
          "url": "https://git.kernel.org/stable/c/6d15f08e6d8d4b4fb02d90805ea97f3e2c1d6fbc"
        },
        {
          "url": "https://git.kernel.org/stable/c/f7305697b60d79bc69c0a6e280fc931b4e8862dd"
        },
        {
          "url": "https://git.kernel.org/stable/c/65b1971147ec12f0b1cee0811c859a3d7d9b04ce"
        },
        {
          "url": "https://git.kernel.org/stable/c/3437c775bf209c674ad66304213b6b3c3b1b3f69"
        },
        {
          "url": "https://git.kernel.org/stable/c/6df47e5bb9b62d72f186f826ab643ea1856877c7"
        },
        {
          "url": "https://git.kernel.org/stable/c/ef7f38df890f5dcd2ae62f8dbde191d72f3bebae"
        }
      ],
      "title": "tracing: Do not register unsupported perf events",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2025-71125",
    "datePublished": "2026-01-14T15:06:10.662Z",
    "dateReserved": "2026-01-13T15:30:19.654Z",
    "dateUpdated": "2026-02-09T08:35:20.806Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-71125\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2026-01-14T15:16:02.213\",\"lastModified\":\"2026-01-19T13:16:19.113\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\ntracing: Do not register unsupported perf events\\n\\nSynthetic events currently do not have a function to register perf events.\\nThis leads to calling the tracepoint register functions with a NULL\\nfunction pointer which triggers:\\n\\n ------------[ cut here ]------------\\n WARNING: kernel/tracepoint.c:175 at tracepoint_add_func+0x357/0x370, CPU#2: perf/2272\\n Modules linked in: kvm_intel kvm irqbypass\\n CPU: 2 UID: 0 PID: 2272 Comm: perf Not tainted 6.18.0-ftest-11964-ge022764176fc-dirty #323 PREEMPTLAZY\\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.17.0-debian-1.17.0-1 04/01/2014\\n RIP: 0010:tracepoint_add_func+0x357/0x370\\n Code: 28 9c e8 4c 0b f5 ff eb 0f 4c 89 f7 48 c7 c6 80 4d 28 9c e8 ab 89 f4 ff 31 c0 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc \u003c0f\u003e 0b 49 c7 c6 ea ff ff ff e9 ee fe ff ff 0f 0b e9 f9 fe ff ff 0f\\n RSP: 0018:ffffabc0c44d3c40 EFLAGS: 00010246\\n RAX: 0000000000000001 RBX: ffff9380aa9e4060 RCX: 0000000000000000\\n RDX: 000000000000000a RSI: ffffffff9e1d4a98 RDI: ffff937fcf5fd6c8\\n RBP: 0000000000000001 R08: 0000000000000007 R09: ffff937fcf5fc780\\n R10: 0000000000000003 R11: ffffffff9c193910 R12: 000000000000000a\\n R13: ffffffff9e1e5888 R14: 0000000000000000 R15: ffffabc0c44d3c78\\n FS:  00007f6202f5f340(0000) GS:ffff93819f00f000(0000) knlGS:0000000000000000\\n CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\\n CR2: 000055d3162281a8 CR3: 0000000106a56003 CR4: 0000000000172ef0\\n Call Trace:\\n  \u003cTASK\u003e\\n  tracepoint_probe_register+0x5d/0x90\\n  synth_event_reg+0x3c/0x60\\n  perf_trace_event_init+0x204/0x340\\n  perf_trace_init+0x85/0xd0\\n  perf_tp_event_init+0x2e/0x50\\n  perf_try_init_event+0x6f/0x230\\n  ? perf_event_alloc+0x4bb/0xdc0\\n  perf_event_alloc+0x65a/0xdc0\\n  __se_sys_perf_event_open+0x290/0x9f0\\n  do_syscall_64+0x93/0x7b0\\n  ? entry_SYSCALL_64_after_hwframe+0x76/0x7e\\n  ? trace_hardirqs_off+0x53/0xc0\\n  entry_SYSCALL_64_after_hwframe+0x76/0x7e\\n\\nInstead, have the code return -ENODEV, which doesn\u0027t warn and has perf\\nerror out with:\\n\\n # perf record -e synthetic:futex_wait\\nError:\\nThe sys_perf_event_open() syscall returned with 19 (No such device) for event (synthetic:futex_wait).\\n\\\"dmesg | grep -i perf\\\" may provide additional information.\\n\\nIdeally perf should support synthetic events, but for now just fix the\\nwarning. The support can come later.\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/3437c775bf209c674ad66304213b6b3c3b1b3f69\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/65b1971147ec12f0b1cee0811c859a3d7d9b04ce\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/6819bc6285c0ff835f67cfae7efebc03541782f6\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/6d15f08e6d8d4b4fb02d90805ea97f3e2c1d6fbc\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/6df47e5bb9b62d72f186f826ab643ea1856877c7\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/ef7f38df890f5dcd2ae62f8dbde191d72f3bebae\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/f7305697b60d79bc69c0a6e280fc931b4e8862dd\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.