ebpf

A careless protocol flip inside an eBPF helper can crash a Linux host: CVE-2025-38192 is a kernel networking bug that occurs when a NAT46 BPF program changes an skb's protocol from IPv4 to IPv6 without clearing the associated destination (dst) pointer, producing a NULL pointer dereference and a...

The Linux kernel received a targeted fix in April 2024 for a subtle arithmetic/overflow mistake in the BPF stackmap code that can be triggered on 32‑bit architectures — a defect tracked as CVE‑2024‑26883 that can produce undefined behavior, memory mis‑calculations and availability impacts on...

A subtle but important kernel correctness fix landed this week to close a race and null-pointer access in the eBPF runtime: an invalid access of prog->stats can occur when update_effective_progs fails and the program slot is replaced with a dummy program, allowing a concurrent softirq path to...

A kernel-level fix landed this week to close a subtle eBPF map bug that could make kernel-held objects persist longer than intended: CVE-2025-68744 patches a missing cleanup in the BPF percpu hash and LRU-percpu hash update path so that special fields (notably kptr reference/per-CPU pointer...

A subtle mismatch between how the Linux BPF verifier handles 32-bit loads from packet context and how those values are later represented in generated code has been assigned CVE‑2024‑47702 — a medium‑severity bug that can cause kernel verification failures and runtime crashes when eBPF programs...

A subtle bug in the Linux kernel’s eBPF fentry attach path — tracked as CVE-2023-53221 — can leave behind allocated BPF trampoline images when an fentry attach fails, producing a persistent memory leak that, if abused at scale, can deny availability to services and systems; this behavior is...

The Linux kernel received a focused upstream fix for CVE-2025-40079 — a RISC‑V specific BPF correctness bug where struct ops return values were not being sign‑extended according to the RISC‑V ABI, a mismatch that could trigger kernel panics in the ns_bpf_qdisc selftest and destabilize hosts...

Microsoft’s latest open-source contribution has engineers and security enthusiasts buzzing. In a move that underscores its deepening involvement in cross-platform innovation, Microsoft has proposed Hornet—a Linux security module (LSM) designed to verify the integrity of eBPF programs within the...

Picture this: You're deep in the depths of cloud application security, battling endless layers of abstraction till your brain is spinning like it’s stuck in an infinite loop. Securing cloud-native applications can feel like trying to spot a speck of dust in a sandstorm. But just when you had...