BPF Signal Handling Issue in Linux Kernel
CVE-2025-21728

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 27 February 2025

Summary

In the Linux kernel, a noteworthy vulnerability arose from the use of the bpf_send_signal() function within non-preemptible contexts. This function can cause issues as it may enter a sleep state, which is problematic in such execution contexts. The kernel has been updated to replace the irqs_disabled() condition with !preemptible(), addressing this potential disruption in signal handling for BPF programs.

Affected Version(s)

Linux 1bc7896e9ef44fd77858b3ef0b8a6840be3a4494

Linux 1bc7896e9ef44fd77858b3ef0b8a6840be3a4494 < 78b97783496b454435639937db3303e900a24d3f

References

https://git.kernel.org/stable/c/be42a09fe898635b0093c0c8d...

https://git.kernel.org/stable/c/eeef8e65041a031bd8a747a39...

https://git.kernel.org/stable/c/78b97783496b454435639937d...

Timeline

Vulnerability published
Feb 27, 2025
Vulnerability Reserved
Dec 29, 2024