JLSEC-2026-559

In Lua 5.4.3, an erroneous finalizer called during a tail call leads to a heap-based buffer over-read...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: Fixed the jump offset calculation in tailcall operations. The additional call to bpfintjitcompile skips the JIT context initialization. This effectively skips the offset calculation, resulting in outoffset being s...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: bpf: Fix tailcallreachable rejection for interpreter when jit failed During testing of f263a81451c1 “bpf: Track subprog poke descriptors correctly and fix use-after-free” under various failure conditions, for example, when...

Astra Linux - уязвимость в linux-5.10, linux-5.15

A out-of-bounds memory read flaw was discovered in the Linux kernel’s BPF subsystem, related to how a user calls the bpftailcall function with a key that is larger than the maxentries of the map. This flaw allows a local user to gain unauthorized access to data...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001721)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001721 advisory. An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls the bpftailcall function with a key larger than the maxentries of...

Astra Linux - уязвимость в linux-6.12

In the Linux kernel, the following vulnerability has been resolved: bpf: Check the helper function is valid in gethelperproto kernel test robot reported verifier bug 1 where the helper func pointer could be NULL due to disabled config option. As Alexei suggested we could check on that in...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988725)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988725 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf: Fix tailcallreachable rejection for interpreter when jit failed During testing of f263a81451...

SUSE CVE-2025-39990

In the Linux kernel, the following vulnerability has been resolved: bpf: Check the helper function is valid in gethelperproto kernel test robot reported verifier bug 1 where the helper func pointer could be NULL due to disabled config option. As Alexei suggested we could check on that in...

CVE-2025-39990

In the Linux kernel, the following vulnerability has been resolved: bpf: Check the helper function is valid in gethelperproto kernel test robot reported verifier bug 1 where the helper func pointer could be NULL due to disabled config option. As Alexei suggested we could check on that in...

EUVD-2025-34583

In the Linux kernel, the following vulnerability has been resolved: bpf: Check the helper function is valid in gethelperproto kernel test robot reported verifier bug 1 where the helper func pointer could be NULL due to disabled config option. As Alexei suggested we could check on that in...

AZL-68519 CVE-2025-39990 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: bpf: Check the helper function is valid in gethelperproto kernel test robot reported verifier bug 1 where the helper func pointer could be NULL due to disabled config option. As Alexei suggested we could check on that in...

UBUNTU-CVE-2025-39990

In the Linux kernel, the following vulnerability has been resolved: bpf: Check the helper function is valid in gethelperproto kernel test robot reported verifier bug 1 where the helper func pointer could be NULL due to disabled config option. As Alexei suggested we could check on that in...

CVE-2025-39990

The CVE-2025-39990 issue affects the Linux kernel’s BPF verifier logic: a NULL helper pointer could arise in get_helper_proto due to a disabled config option. The fix marks the tail_call helper as BPF_PTR_POISON since it is unused by design, mitigating the NULL pointer path. Public advisories (SU...

CVE-2025-39990 bpf: Check the helper function is valid in get_helper_proto

In the Linux kernel, the following vulnerability has been resolved: bpf: Check the helper function is valid in gethelperproto kernel test robot reported verifier bug 1 where the helper func pointer could be NULL due to disabled config option. As Alexei suggested we could check on that in...

CVE-2025-39990 bpf: Check the helper function is valid in get_helper_proto

In the Linux kernel, the following vulnerability has been resolved: bpf: Check the helper function is valid in gethelperproto kernel test robot reported verifier bug 1 where the helper func pointer could be NULL due to disabled config option. As Alexei suggested we could check on that in...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986712)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986712 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf: Fix tailcallreachable rejection for interpreter when jit failed During testing of f263a81451...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414425)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414425 advisory. An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls the bpftailcall function with a key larger than the maxentries of...

EUVD-2025-26746

Malicious code in bioql PyPI...

EUVD-2021-32691

Malicious code in bioql PyPI...

LoongArch: BPF: Fix jump offset calculation in tailcall

...