bpf

  1. CVE-2024-42068: Linux Kernel BPF Unchecked set_memory_ro Risks Availability

    A small, easily overlooked change in the Linux kernel’s BPF subsystem — tracked as CVE‑2024‑42068 — exposed a window where pages intended to be protected as read‑only could remain writable, creating a practical availability risk that administrators should treat seriously: unhandled failures from...
  2. CVE-2024-26883: Linux Kernel BPF Stackmap Bug Fixed on 32 Bit Systems

    The Linux kernel received a targeted fix in April 2024 for a subtle arithmetic/overflow mistake in the BPF stackmap code that can be triggered on 32‑bit architectures — a defect tracked as CVE‑2024‑26883 that can produce undefined behavior, memory mis‑calculations and availability impacts on...
  3. CVE-2025-38502: Azure Linux BPF Risk and Microsoft Product Exposure

    Microsoft’s public attestation that Azure Linux includes the vulnerable Linux BPF component behind CVE‑2025‑38502 is accurate — but it is not a blanket assurance that Azure Linux is the only Microsoft product that could carry the same vulnerable upstream code.
  4. CVE-2025-68363: Linux BPF MTU Check Fix for skb Transport Header Safety

    A kernel-level bug in the Linux BPF helper bpf_skb_check_mtu recently received a formal CVE (CVE-2025-68363) after maintainers landed a targeted fix: the helper assumed skb->transport_header was always valid when the BPF_MTU_CHK_SEGS flag was used, but that field can be unset in some paths —...
  5. Linux Kernel BPF Redirect skb Scrubbing Fix CVE-2025-37959

    The Linux kernel received a targeted fix for CVE-2025-37959 — a BPF-related packet-scrubbing bug that could cause socket buffer (skb) metadata from one network namespace to be preserved and misapplied after a bpf_redirect_peer redirection — a behavior which broke container networking (notably...
  6. CVE-2025-39886: Linux BPF Timer Patch and Azure Linux Attestation

    The Linux kernel patch tracked as CVE-2025-39886 fixes a subtle BPF (eBPF) allocation and locking interaction — specifically, telling memcg to take the allow_spinning=false path in bpf_timer_init so that memcg accounting does not trigger recursive notifications while a raw spinlock or other...
  7. CVE-2024-49888: Linux BPF signed division bug triggers kernel OOPS on x86_64

    A carefully crafted signed-division bug in the Linux kernel’s BPF implementation — tracked as CVE-2024-49888 — can cause a kernel crash (an OOPS) on x86_64 systems when a BPF program triggers specific signed divide or modulo operations with minimum-integer operands, and the upstream fix now...
  8. CVE-2022-49552: Linux Kernel BPF JIT Blinding Fix and Availability Impact

    The Linux kernel entry for CVE-2022-49552 closes a subtle but practical correctness bug in the BPF JIT pipeline: a mismatch between the kernel’s jit blinding pass and how BPF subprogram pointers are handled could cause the kernel to attempt execution at an invalid address and crash, producing a...