Linux Kernel BPF Local Storage Vulnerability in PREEMPT_RT Context

Vulnerability

A vulnerability exists in the Linux kernel's handling of BPF local storage within PREEMPT_RT contexts. The issue arises because the standard memory allocation function, kmalloc(GFP_ATOMIC), is not safe in non-preemptible contexts. Instead, BPF programs must use bpf_mem_alloc to allocate memory safely. This vulnerability has been present since the introduction of BPF local storage approximately five years ago.

Impact

Exploitation of this vulnerability can lead to improper memory allocation, potentially causing sleep operations to be called from invalid contexts, which can disrupt kernel scheduling and task management.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel BPF Local Storage Vulnerability in PREEMPT_RT Context

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating