Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: Fixed the jump offset calculation in tailcall. The additional call to bpfintjitcompile skips the JIT context initialization. This effectively skips the offset calculation, resulting in outoffset = -1. Therefore, t...

JLSEC-2026-559

In Lua 5.4.3, an erroneous finalizer called during a tail call leads to a heap-based buffer over-read...

PT-2026-47117

In Lua 5.4.3, an erroneous finalizer called during a tail call leads to a heap-based buffer over-read...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: bpf: Fix tailcallreachable rejection for interpreter when jit failed During testing of f263a81451c1 “bpf: Track subprog poke descriptors correctly and fix use-after-free” under various failure conditions, for example, when...

Astra Linux - уязвимость в linux-5.10

A out-of-bounds memory read flaw was discovered in the Linux kernel’s BPF subsystem, related to how a user calls the bpftailcall function with a key that is larger than the maxentries of the map. This flaw allows a local user to gain unauthorized access to data...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001721)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001721 advisory. An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls the bpftailcall function with a key larger than the maxentries of...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: In the bpf module, it was necessary to check whether the helper function is valid in gethelperproto. The kernel test robot reported a bug related to the verifier 1, where the helper function pointer could be NULL due to a disable...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988725)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988725 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf: Fix tailcallreachable rejection for interpreter when jit failed During testing of f263a81451...

SUSE CVE-2025-39990

In the Linux kernel, the following vulnerability has been resolved: bpf: Check the helper function is valid in gethelperproto kernel test robot reported verifier bug 1 where the helper func pointer could be NULL due to disabled config option. As Alexei suggested we could check on that in...

CVE-2025-39990

In the Linux kernel, the following vulnerability has been resolved: bpf: Check the helper function is valid in gethelperproto kernel test robot reported verifier bug 1 where the helper func pointer could be NULL due to disabled config option. As Alexei suggested we could check on that in...

EUVD-2025-34583

In the Linux kernel, the following vulnerability has been resolved: bpf: Check the helper function is valid in gethelperproto kernel test robot reported verifier bug 1 where the helper func pointer could be NULL due to disabled config option. As Alexei suggested we could check on that in...

AZL-68519 CVE-2025-39990 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: bpf: Check the helper function is valid in gethelperproto kernel test robot reported verifier bug 1 where the helper func pointer could be NULL due to disabled config option. As Alexei suggested we could check on that in...

UBUNTU-CVE-2025-39990

In the Linux kernel, the following vulnerability has been resolved: bpf: Check the helper function is valid in gethelperproto kernel test robot reported verifier bug 1 where the helper func pointer could be NULL due to disabled config option. As Alexei suggested we could check on that in...

CVE-2025-39990

The CVE-2025-39990 issue affects the Linux kernel’s BPF verifier logic: a NULL helper pointer could arise in get_helper_proto due to a disabled config option. The fix marks the tail_call helper as BPF_PTR_POISON since it is unused by design, mitigating the NULL pointer path. Public advisories (SU...

CVE-2025-39990 bpf: Check the helper function is valid in get_helper_proto

In the Linux kernel, the following vulnerability has been resolved: bpf: Check the helper function is valid in gethelperproto kernel test robot reported verifier bug 1 where the helper func pointer could be NULL due to disabled config option. As Alexei suggested we could check on that in...

CVE-2025-39990 bpf: Check the helper function is valid in get_helper_proto

In the Linux kernel, the following vulnerability has been resolved: bpf: Check the helper function is valid in gethelperproto kernel test robot reported verifier bug 1 where the helper func pointer could be NULL due to disabled config option. As Alexei suggested we could check on that in...

PT-2025-42264

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the BPF Berkeley Packet Filter subsystem related to helper function validation within the get helper proto function. A kernel test robot identified a...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986712)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986712 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf: Fix tailcallreachable rejection for interpreter when jit failed During testing of f263a81451...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414425)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414425 advisory. An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls the bpftailcall function with a key larger than the maxentries of...

EUVD-2021-32691

Malicious code in bioql PyPI...