Linux Kernel PowerPC BPF JIT Trampoline Size Calculation Vulnerability

Vulnerability

A vulnerability in the Linux kernel's BPF JIT compiler for the PowerPC architecture has been addressed. The function that estimates the JIT code size for BPF trampolines did not account for the actual buffer allocation needed for JIT compilation. Because of this discrepancy, the size calculated during a preliminary pass could underestimate the instructions required, especially when the final image location for JITing introduced dependencies, and this could lead to a JIT buffer overflow. Consequently, a warning would be triggered if the JIT image location exceeded the allocated buffer's end, indicating a potential overflow risk.
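The sizing mismatch described above, as an added toy model in C (not kernel code and not taken from the fix): a trampoline whose call sequence is short when the target is near the image and long when it is far, sized at one location and emitted at another. All names, addresses and instruction counts are constructed for illustration; the bounds check in `emit()` plays the role of the warning mentioned above.

```c
#include <stdint.h>
#include <stdio.h>
/* Toy model, not kernel code: every address and count is constructed. */
#define NEAR_RANGE (32L * 1024 * 1024)     /* reach of a relative branch here */
#define TARGET     ((uintptr_t)0x10000000) /* function the trampoline calls */
#define DUMMY_ADDR ((uintptr_t)0x10001000) /* location assumed when sizing */
#define FINAL_ADDR ((uintptr_t)0x40000000) /* location of the real image */

struct jit_ctx {
    uint32_t *buf;       /* NULL = sizing pass, count only */
    size_t cap, idx;     /* capacity and words emitted so far */
    uintptr_t run_addr;  /* address the image will execute from */
    int overflow;        /* set when a store would pass the end */
};

static void emit(struct jit_ctx *c, uint32_t insn)
{
    if (c->buf && c->idx >= c->cap)
        c->overflow = 1;          /* refuse to write past the buffer end */
    else if (c->buf)
        c->buf[c->idx] = insn;
    c->idx++;                     /* keep counting so the true size is known */
}

/* Call length depends on the distance between image and target. */
static void emit_call(struct jit_ctx *c, uintptr_t target)
{
    intptr_t d = (intptr_t)(target - (c->run_addr + 4 * c->idx));
    int n = (d >= -NEAR_RANGE && d < NEAR_RANGE) ? 1 : 7; /* near : far */
    while (n--) emit(c, 0x60000000u);                     /* placeholder word */
}

/* Returns the words needed, or -1 if the image did not fit in buf. */
static long build(uint32_t *buf, size_t cap, uintptr_t run_addr)
{
    struct jit_ctx c = { buf, cap, 0, run_addr, 0 };
    emit(&c, 0x60000000u);        /* prologue */
    emit_call(&c, TARGET);
    emit(&c, 0x60000000u);        /* epilogue */
    return c.overflow ? -1 : (long)c.idx;
}

long size_at_dummy(void) { return build(NULL, 0, DUMMY_ADDR); } /* estimate made away from the final image */
long size_at_final(void) { return build(NULL, 0, FINAL_ADDR); } /* estimate made at the final image */
long jit_with_cap(size_t cap) { uint32_t img[16]; return build(img, cap < 16 ? cap : 16, FINAL_ADDR); }
int main(void)
{
    return printf("%ld %ld %ld %ld\n", size_at_dummy(), size_at_final(), jit_with_cap(3), jit_with_cap(9)) < 0;
}
```

Sizing at the address the image will actually run from makes the estimate and the emitted length agree; the bounds-checked store turns any remaining mismatch into a failed build instead of a write past the buffer.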

Impact

The vulnerability could cause a JIT buffer overflow, leading to memory corruption or arbitrary code execution.

Added: Jul 10, 2025, 10:56 AM
Updated: Jul 10, 2025, 10:56 AM

Vulnerability Rating

Custom Algorithm
spread: 9.0
impact: 2.5
exploitability: 4.0
remediation: 0.0
relevance: 0.2
threat: 3.2
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.