CVE-2025-40169 bpf: Reject negative offsets for ALU ops

In the Linux kernel, the following vulnerability has been resolved: bpf: Reject negative offsets for ALU ops When verifying BPF programs, the checkaluop function validates instructions with ALU operations. The 'offset' field in these instructions is a signed 16-bit integer. The existing check...

SUSE CVE-2025-38502

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix oob access in cgroup local storage Lonial reported that an out-of-bounds access in cgroup local storage can be crafted via tail calls. Given two programs each utilizing a cgroup local storage with a different value size,...