EUVD-2026-25524

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix buffer overread in rxgkdoverifyauthenticator Fix rxgkdoverifyauthenticator to check the buffer size before checking the nonce...

MiracleLinux 8 : kernel-4.18.0-513.9.1.el8_9 (AXSA:2024-7403:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7403:01 advisory. kernel: bpf: Incorrect verifier pruning leads to unsafe code paths being incorrectly marked as safe CVE-2023-2163 kernel: tun: bugs for oversize...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003955)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003955 advisory. kernel/bpf/verifier.c in the Linux kernel through 5.12.7 enforces incorrect limits for pointer arithmetic operations, aka CID-bb01a1bba579. This can be abused to...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001404)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001404 advisory. kernel/bpf/verifier.c in the Linux kernel through 5.12.7 enforces incorrect limits for pointer arithmetic operations, aka CID-bb01a1bba579. This can be abused to...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001149)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001149 advisory. kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it would still be processed by JIT compilers. This behavior, also...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001197)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001197 advisory. kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service integer overflow and memory corruption or possibly have...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002753)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002753 advisory. kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service memory corruption or possibly have unspecified other impact ...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003415)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003415 advisory. The checkaluop function in kernel/bpf/verifier.c in the Linux kernel through 4.4 allows local users to cause a denial of service memory corruption or possibly have...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003258)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003258 advisory. kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service integer overflow and memory corruption or possibly have...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002823)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002823 advisory. The docheck function in kernel/bpf/verifier.c in the Linux kernel before 4.11.1 does not make the allowptrleaks value available for restricting the output of the...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001616)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001616 advisory. The checkstackboundary function in kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service memory corruption or...

CVE-2022-50650

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix reference state management for synchronous callbacks Currently, verifier verifies callback functions sync and async as if they will be executed once, i.e. it explores execution state as if the function was being called...

EUVD-2025-124914

In the Linux kernel, the following vulnerability has been resolved: bpf: Reject negative offsets for ALU ops When verifying BPF programs, the checkaluop function validates instructions with ALU operations. The 'offset' field in these instructions is a signed 16-bit integer. The existing check...

CVE-2025-40050

CVE-2025-40050 refers to a Linux kernel BPF verifier fix: in check_alu_op(), the code previously performed unconditional scalar adjustments for BPF_NEG; if the destination is a pointer, those scalar adjustments are unnecessary and could be incorrect. The patch adds a check to skip adjustment logi...

Linux Distros Unpatched Vulnerability : CVE-2025-38591

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: Reject narrower access to pointer ctx fields The following BPF program, simplified from a syzkaller repro, causes a kernel warning: r0 = u8 r1 + 169...

CVE-2025-38591 bpf: Reject narrower access to pointer ctx fields

In the Linux kernel, the following vulnerability has been resolved: bpf: Reject narrower access to pointer ctx fields The following BPF program, simplified from a syzkaller repro, causes a kernel warning: r0 = u8 r1 + 169; exit; With pointer field sk being at offset 168 in skbuff. This access is...

CVE-2025-38591 bpf: Reject narrower access to pointer ctx fields

In the Linux kernel, the following vulnerability has been resolved: bpf: Reject narrower access to pointer ctx fields The following BPF program, simplified from a syzkaller repro, causes a kernel warning: r0 = u8 r1 + 169; exit; With pointer field sk being at offset 168 in skbuff. This access is...

The vulnerability of the check_max_stack_depth() function in the kernel/bpf/verifier.c module, which is part of the BPF interpreter support in the Linux operating system’s kernel, allows a hacker to access protected information or trigger a service failure.

The vulnerability of the checkmaxstackdepth function in the kernel/bpf/verifier.c module, which is part of the BPF interpreter support in the Linux operating system, involves reading beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to access protected informatio...

The vulnerability of the check_helper_mem_access() function in the kernel/bpf/verifier.c module of the Linux operating system allows a attacker to compromise the integrity and accessibility of the protected information.

The vulnerability of the checkhelpermemaccess function in the kernel/bpf/verifier.c module of the Linux operating system is related to errors in the code. Exploiting this vulnerability could allow an attacker to compromise the integrity and accessibility of the protected information...

The vulnerability of the check_func_arg() function in the kernel/bpf/verifier.c module of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the checkfuncarg function in the kernel/bpf/verifier.c module of the Linux operating system is related to improper control of resource identifiers “resource injection”. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...