BPF Helper Function Vulnerability in Linux Kernel by The Linux Foundation
CVE-2025-39990

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
15 October 2025

What is CVE-2025-39990?

A vulnerability has been identified in the Linux kernel related to the BPF helper function, specifically in its validation process. The issue arises when the helper function pointer may be NULL due to a disabled configuration option. The kernel's verifier reported a bug where this lack of validation could lead to unintended behavior. The implementation has been refined to check the helper function directly in 'get_helper_proto' and to mark the tail_call helper function with 'BPF_PTR_POISON' to prevent misuse, as it is deliberately not used.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux f470378c7562a2818b45ed11c98973f2b89eedd3 < 3d429cb1278e995e22995ef117fa96d223a67e93

Linux f470378c7562a2818b45ed11c98973f2b89eedd3 < 6233715b4b714068d6c831d214a4e8792109875a

Linux f470378c7562a2818b45ed11c98973f2b89eedd3

References

https://git.kernel.org/stable/c/3d429cb1278e995e22995ef11...
https://git.kernel.org/stable/c/6233715b4b714068d6c831d21...
https://git.kernel.org/stable/c/e4414b01c1cd9887bbde92f94...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.