Linux Kernel BPF Per-CPU Element Lookup Vulnerability in Sleepable Programs

Vulnerability

A vulnerability exists in the Linux kernel's BPF (Berkeley Packet Filter) subsystem, specifically within the 'bpf_map_lookup_percpu_elem()' helper function. This function is available for sleepable BPF programs, but when the BPF Just-In-Time (JIT) compilation is disabled or on 32-bit hosts, the function is not inlined. As a result, using it in a sleepable BPF program can trigger a warning, since the program only holds the 'srcu_read_lock_trace' lock. The vulnerability has been addressed by adding a check to ensure proper lock handling.

Impact

The vulnerability could lead to improper lock management in sleepable BPF programs, potentially causing synchronization issues or other unintended behaviors.

Added: Jul 4, 2025, 3:23 PM

Updated: Jul 4, 2025, 3:23 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.6

exploitability

4.0

remediation

0.0

relevance

0.2

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.6

exploitability

4.0

remediation

0.0

relevance

0.2

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel BPF Per-CPU Element Lookup Vulnerability in Sleepable Programs

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating