Linux Kernel BPF Range Refinement Vulnerability in Networking
CVE-2025-39748

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 11 September 2025

What is CVE-2025-39748?

A vulnerability in the Linux kernel's BPF implementation has been identified where the verifier fails to appropriately refine register bounds after JSET instructions. This can lead to inconsistencies in register states, as paths deemed unreachable at runtime are explored incorrectly, creating potential security risks. The issue was reported by Syzbot and pertains to specific BPF program instruction sets that generate misleading range validations. A fix has been implemented to forget these ranges, enhancing the robustness of the kernel's verifier.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 2fd0c26bacd90ef26522bd3169000a4715bf151f

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 80a6b11862a7cfdf691e8f9faee89cfea219f098

References

https://git.kernel.org/stable/c/f01e06930444cab289a878301...

https://git.kernel.org/stable/c/2fd0c26bacd90ef26522bd316...

https://git.kernel.org/stable/c/80a6b11862a7cfdf691e8f9fa...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 11, 2025
Vulnerability Reserved
Apr 16, 2025