Linux Kernel BPF Signal Handling Vulnerability Leading to Kernel Panic

Vulnerability

A vulnerability in the Linux kernel's BPF (Berkeley Packet Filter) implementation can cause a kernel panic. This issue arises when a task with PID 1 (typically the init process) attaches a BPF program that attempts to send a terminating signal to itself. The resulting kernel panic indicates a failed attempt to terminate the init process, which is critical for system operation. The vulnerability has been addressed by modifying the signal handling to exclude the task with PID 1, thereby preventing the panic.

Impact

Exploitation of this vulnerability leads to a kernel panic, causing the system to stop all processes and potentially requiring a reboot.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel BPF Signal Handling Vulnerability Leading to Kernel Panic

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating