Primary

Context

Linux Kernel BPF Soft Lockup Vulnerability in 64KB Page AArch64 Kernels

Vulnerability

A vulnerability in the Linux kernel's BPF implementation can lead to a segmentation fault and soft lockup on AArch64 kernels with 64KB page size. This issue arises in arena_htab tests, where the function arena_map_free() calls apply_to_existing_page_range() with an unaligned address, causing the system to enter a soft lockup state. The problem does not occur with 4KB pages on AArch64.

Impact

Exploitation of this vulnerability causes a soft lockup, where the system becomes unresponsive due to a process consuming excessive CPU resources.

Remediation

The vulnerability has been fixed in the official Linux Git repository. Users should upgrade to the latest version.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel BPF Soft Lockup Vulnerability in 64KB Page AArch64 Kernels

Vulnerability

Impact

Remediation

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating