BPF Access Vulnerability in Linux Kernel Userspace Networking
CVE-2025-40078
What is CVE-2025-40078?
A vulnerability in the Linux kernel's bpf_sock_addr functionality allows improper access to padded memory. It can be triggered when sock_addr programs access kernel structures that have implicit padding. The context access conversion may then encounter errors, which could lead to significant security issues and leave the system vulnerable to attackers. The issue has been addressed in a patch that enforces explicit checks for all relevant fields within bpf_sock_addr, ensuring that unauthorized accesses do not occur.
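The class of bug described above, as an added example (not kernel code and not part of the original advisory): an access validator that checks only bounds and alignment accepts a load from implicit padding, while one that enumerates the fields rejects it. `struct demo_ctx`, its layout and both validator names are hypothetical and constructed for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical context struct, NOT the kernel's bpf_sock_addr. The 8-byte
 * alignment of `sk` leaves 4 bytes of implicit padding at offsets 20..23. */
struct demo_ctx {
    uint32_t src_ip4;        /* offset 0 */
    uint32_t src_ip6[4];     /* offsets 4..19 */
    _Alignas(8) uint64_t sk; /* offset 24, after the implicit padding */
};

/* Generic sanity: supported size, natural alignment, inside the struct. */
static bool sane(size_t off, size_t size)
{
    return (size == 4 || size == 8) && off % size == 0 &&
           off < sizeof(struct demo_ctx) &&
           size <= sizeof(struct demo_ctx) - off;
}

/* Weak pattern: bounds and alignment only, so the padding is reachable. */
bool valid_access_range_only(size_t off, size_t size) { return sane(off, size); }

/* Explicit allow-list of fields: start, length, required access size. */
static const struct { size_t start, len, access; } fields[] = {
    { offsetof(struct demo_ctx, src_ip4), sizeof(uint32_t),     4 },
    { offsetof(struct demo_ctx, src_ip6), 4 * sizeof(uint32_t), 4 },
    { offsetof(struct demo_ctx, sk),      sizeof(uint64_t),     8 },
};

/* Hardened pattern: the access must sit wholly inside one listed field. */
bool valid_access_explicit(size_t off, size_t size)
{
    if (!sane(off, size))
        return false;
    for (size_t i = 0; i < sizeof(fields) / sizeof(fields[0]); i++)
        if (size == fields[i].access && off >= fields[i].start &&
            off + size <= fields[i].start + fields[i].len)
            return true;
    return false; /* padding, or a load straddling two fields */
}

int main(void)
{
    printf("4-byte load at padding offset 20: range-only=%d explicit=%d\n",
           valid_access_range_only(20, 4), valid_access_explicit(20, 4));
    return 0;
}
```

The same comparison on an 8-byte load at offset 16 shows the second failure mode: it is aligned and in bounds, yet it spans the end of `src_ip6` and the padding, so only the field-by-field check rejects it.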
Affected Version(s)
Linux 1cedee13d25ab118d325f95588c1a084e9317229
Linux 1cedee13d25ab118d325f95588c1a084e9317229 < 76e04bbb4296fb6eac084dbfc27e02ccc744db3e
Linux 1cedee13d25ab118d325f95588c1a084e9317229 < 6d8b1a21fd5c34622b0c3893c61e4a38d8ba53ec