GHSA-p3rp-6995-mvj3

Опубликовано: 28 окт. 2025

Источник: github

Github: Не прошло ревью

Описание

In the Linux kernel, the following vulnerability has been resolved:

bpf: Skip scalar adjustment for BPF_NEG if dst is a pointer

In check_alu_op(), the verifier currently calls check_reg_arg() and adjust_scalar_min_max_vals() unconditionally for BPF_NEG operations. However, if the destination register holds a pointer, these scalar adjustments are unnecessary and potentially incorrect.

This patch adds a check to skip the adjustment logic when the destination register contains a pointer.

In the Linux kernel, the following vulnerability has been resolved:

bpf: Skip scalar adjustment for BPF_NEG if dst is a pointer

This patch adds a check to skip the adjustment logic when the destination register contains a pointer.

Ссылки

EPSS

Процентиль: 7%

0.00027

Низкий

CVE ID

CVE-2025-40050

Связанные уязвимости

CVE-2025-40050

ubuntu

3 месяца назад

In the Linux kernel, the following vulnerability has been resolved: bpf: Skip scalar adjustment for BPF_NEG if dst is a pointer In check_alu_op(), the verifier currently calls check_reg_arg() and adjust_scalar_min_max_vals() unconditionally for BPF_NEG operations. However, if the destination register holds a pointer, these scalar adjustments are unnecessary and potentially incorrect. This patch adds a check to skip the adjustment logic when the destination register contains a pointer.