Linux Kernel Buffer Overflow Vulnerability in BPF Sample Program

Vulnerability

A buffer overflow vulnerability has been fixed in 'tcp_basertt', a BPF sample program in the Linux kernel. The issue was present in the stable group of the Linux kernel. It arose from incorrect handling of buffer sizes, which could be exploited to cause memory corruption.

Impact

Exploitation of this vulnerability could lead to a buffer overflow, allowing for memory corruption.

Reproduction

The vulnerability can be reproduced by loading the BPF sample program 'tcp_basertt' into the kernel. The program can be attached to a socket operation that retrieves the base round-trip time (RTT) value. The vulnerability occurs when the program incorrectly compares congestion control options, leading to a buffer overflow.
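
The length mistake described above, shown as an added example that is not taken from the kernel sample or from this advisory. It is plain userspace C and assumes the flaw is a compare length larger than one of the two objects being read; `CONG_BUF_LEN`, `compare_len_ok`, `cong_name_equals`, `CONG_IS` and the sample names are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define CONG_BUF_LEN 20 /* assumed size of the buffer that receives the name */

/* A compare length is safe only if it fits inside BOTH objects being read. */
int compare_len_ok(size_t len, size_t a_size, size_t b_size)
{
    return len > 0 && len <= a_size && len <= b_size;
}

/* Return 1 when the NUL-terminated name `want` (object size want_size,
 * terminator included) matches the start of `got` (object size got_size).
 * The terminator is compared too, so "nv" does not match "nvx". */
int cong_name_equals(const char *got, size_t got_size,
                     const char *want, size_t want_size)
{
    if (!got || !want || !compare_len_ok(want_size, got_size, want_size))
        return 0;
    if (want[want_size - 1] != '\0') /* name must end inside its object */
        return 0;
    return memcmp(got, want, want_size) == 0;
}

/* Both sizes come from sizeof, so the length cannot be mistyped by hand.
 * Only valid when buf and lit are arrays, not pointers. */
#define CONG_IS(buf, lit) cong_name_equals((buf), sizeof(buf), (lit), sizeof(lit))

/* Constructed sample: 1 if the copied name is exactly "nv". */
int sample_is_nv(const char *name)
{
    char cong[CONG_BUF_LEN] = {0};
    const char nv[] = "nv";

    strncpy(cong, name, sizeof(cong) - 1); /* always leaves a trailing NUL */
    return CONG_IS(cong, nv);
}

int main(void)
{
    const char nv[] = "nv";

    /* sizeof(nv) is 3; a length of sizeof(nv) + 1 reads one byte past it. */
    printf("len sizeof(nv)   ok: %d\n", compare_len_ok(sizeof(nv), CONG_BUF_LEN, sizeof(nv)));
    printf("len sizeof(nv)+1 ok: %d\n", compare_len_ok(sizeof(nv) + 1, CONG_BUF_LEN, sizeof(nv)));
    printf("nv=%d nvx=%d cubic=%d\n", sample_is_nv("nv"), sample_is_nv("nvx"), sample_is_nv("cubic"));
    return 0;
}
```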

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been addressed. The fixed version can be downloaded from the Linux kernel's official repository.

Added: Dec 30, 2025, 2:00 PM
Updated: Dec 30, 2025, 2:00 PM

Vulnerability Rating

Custom Algorithm
spread: 9.0
impact: 2.5
exploitability: 5.7
remediation: 7.7
relevance: 1.8
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.