Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: BPF: Fixed a combination of JIT blinding and pointers to bpf subprogs. The combination of JIT blinding and pointers to bpf subprogs causes the following issue: 36.989548 BUG: Unable to handle a page fault for address:...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: bpf: Fixed the exception exit lock checking for subprogs. The processbpfexitfull function passes checklock = !curframe to checkresourceleak, which results in a false negative when bpfthrow is called from a static subprog. This...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: For bpf on x86 architecture: Fixed the issue of not releasing bpfprogpack after its use. Syzbot reported several issues with bpfprogpack 1, 2. This issue only occurs when multiple subprogs are involved. In jitsubprogs, we firs...

SUSE CVE-2026-31526

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix exception exit lock checking for subprogs processbpfexitfull passes checklock = !curframe to checkresourceleak, which is false in cases when bpfthrow is called from a static subprog. This makes checkresourceleak to skip...

CVE-2026-31526

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix exception exit lock checking for subprogs processbpfexitfull passes checklock = !curframe to checkresourceleak, which is false in cases when bpfthrow is called from a static subprog. This makes checkresourceleak to skip...

CVE-2026-31526 bpf: Fix exception exit lock checking for subprogs

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix exception exit lock checking for subprogs processbpfexitfull passes checklock = !curframe to checkresourceleak, which is false in cases when bpfthrow is called from a static subprog. This makes checkresourceleak to skip...

CVE-2026-31526

Summary: CVE-2026-31526 concerns the Linux kernel BPF verifier. A defect in exception exits for BPF subprograms allowed ORC unwinding to proceed without releasing user-held locks, risking resource leaks and instability. The root cause: process_bpf_exit_full() could set check_lock=false for except...

PT-2026-34431

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix exception exit lock checking for subprogs process bpf exit full passes check lock = !curframe to check resource leak, which is false in cases when bpf throw is called from a static subprog. This makes check resource leak...

bpf: Fix combination of jit blinding and pointers to bpf subprogs.

...

EUVD-2022-54680

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix combination of jit blinding and pointers to bpf subprogs. The combination of jit blinding and pointers to bpf subprogs causes: 36.989548 BUG: unable to handle page fault for address: 0000000100000001 36.990342 PF:...

EUVD-2025-11259

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2024-58098

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: track changespktdata property for global functions When processing calls to certain helpers, verifier invalidates all packet pointers in a current state...

CVE-2022-50168 bpf, x86: fix freeing of not-finalized bpf_prog_pack

In the Linux kernel, the following vulnerability has been resolved: bpf, x86: fix freeing of not-finalized bpfprogpack syzbot reported a few issues with bpfprogpack 1, 2. This only happens with multiple subprogs. In jitsubprogs, we first call bpfintjitcompile on each sub program. And then, we cal...

OESA-2025-1539 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: bpf: track changespktdata property for global functions When processing calls to certain helpers, verifier invalidates all packet pointers in a current state. Fo...

DEBIAN-CVE-2024-58098

In the Linux kernel, the following vulnerability has been resolved: bpf: track changespktdata property for global functions When processing calls to certain helpers, verifier invalidates all packet pointers in a current state. For example, consider the following program: attributenoinline long...

DEBIAN-CVE-2024-58100

In the Linux kernel, the following vulnerability has been resolved: bpf: check changespktdata property for extension programs When processing calls to global sub-programs, verifier decides whether to invalidate all packet pointers in current state depending on the changespktdata property of the...

CVE-2025-22048 LoongArch: BPF: Don't override subprog's return value

In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: Don't override subprog's return value The verifier test calls: div by 0 in subprog triggers a panic at the ld.bu instruction. The ld.bu insn is trying to load byte from memory address returned by the subprog. The...

DEBIAN-CVE-2022-49552

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix combination of jit blinding and pointers to bpf subprogs. The combination of jit blinding and pointers to bpf subprogs causes: 36.989548 BUG: unable to handle page fault for address: 0000000100000001 36.990342 PF:...

CVE-2022-49552

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix combination of jit blinding and pointers to bpf subprogs. The combination of jit blinding and pointers to bpf subprogs causes: 36.989548 BUG: unable to handle page fault for address: 0000000100000001 36.990342 PF:...

CVE-2022-49552

CVE-2022-49552 affects the Linux kernel. The issue arises in the BPF JIT blinding logic where ld_imm64 addresses to subprogs are misidentified as normal instructions, causing a page fault in kernel mode. The root cause is the two-phase JIT process for subprogs; the first phase blinds and the seco...