AZL-66410 CVE-2025-38528 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: bpf: Reject %p% format string in bprintf-like helpers static const char fmt = "%p%"; bpftraceprintkfmt, sizeoffmt; The above BPF program isn't rejected and causes a kernel warning at runtime: Please remove unsupported %\x00 in...

CVE-2025-38528

CVE-2025-38528: In the Linux kernel, a BPF format-string handling flaw in bpf_bprintf_prepare could fail to reject a crafted %\x00 sequence, allowing a runtime kernel warning when a BPF program uses %p% (as shown by the example). A patch fixes this by ensuring punctuation isn’t skipped during pro...

CVE-2025-38528 bpf: Reject %p% format string in bprintf-like helpers

In the Linux kernel, the following vulnerability has been resolved: bpf: Reject %p% format string in bprintf-like helpers static const char fmt = "%p%"; bpftraceprintkfmt, sizeoffmt; The above BPF program isn't rejected and causes a kernel warning at runtime: Please remove unsupported %\x00 in...

PT-2025-33571

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw in the BPF subsystem where the %p% format string in bprintf-like helpers is not rejected. This results in a kernel warning at runtime, specifically...