BPF ALU Operation Vulnerability in Linux Kernel
CVE-2025-40169
What is CVE-2025-40169?
In the Linux kernel, a significant vulnerability was identified in BPF (Berkeley Packet Filter) handling: the validation of instructions with ALU (Arithmetic Logic Unit) operations incorrectly permitted negative offset values. The issue originated in the check_alu_op() function, which was supposed to ensure that only specific offsets (0 and 1) were accepted. Because the offset field is a signed 16-bit integer, the previous validation condition let negative offset values through, which could lead to exploitation through malformed BPF programs. The recent patch corrects this by enforcing stricter validation that rejects any offset outside the allowed range, hardening the kernel against malformed-program attacks.
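The signedness problem described above, as an added example that is neither the kernel's code nor the patch itself: a small C model that reads the offset field from raw 8-byte BPF instructions and compares an upper-bound-only check with the 0-or-1 allow-list. The `off > 1` form of the flawed condition, the helper names and the sample program are assumptions constructed for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

#define CLS(code) ((code) & 0x07)   /* low 3 bits of the opcode = class */
#define CLS_ALU   0x04
#define CLS_ALU64 0x07

/* Offset field: bytes 2-3 of the 8-byte instruction, signed 16-bit. */
static int16_t insn_off(const uint8_t *p)
{
    return (int16_t)(uint16_t)(p[2] | (p[3] << 8));
}

/* Assumed shape of the flawed check: upper bound only. */
static int off_ok_loose(int16_t off)  { return !(off > 1); }

/* Allow-list described in the advisory text: only 0 and 1 pass. */
static int off_ok_strict(int16_t off) { return off == 0 || off == 1; }

/* Count ALU-class instructions in a raw program that `ok` rejects. */
static size_t count_rejected(const uint8_t *prog, size_t n, int (*ok)(int16_t))
{
    size_t bad = 0;
    for (size_t k = 0; k < n; k++) {
        const uint8_t *p = prog + 8 * k;
        if ((CLS(p[0]) == CLS_ALU || CLS(p[0]) == CLS_ALU64) && !ok(insn_off(p)))
            bad++;
    }
    return bad;
}

/* Constructed sample program (little-endian encoding). */
static const uint8_t sample[] = {
    0x37, 0x00, 0x00, 0x00, 2, 0, 0, 0,   /* ALU64 op, off = 0  */
    0x37, 0x00, 0x01, 0x00, 2, 0, 0, 0,   /* ALU64 op, off = 1  */
    0x37, 0x00, 0xff, 0xff, 2, 0, 0, 0,   /* ALU64 op, off = -1 */
    0x37, 0x00, 0x02, 0x00, 2, 0, 0, 0,   /* ALU64 op, off = 2  */
    0x95, 0x00, 0x00, 0x00, 0, 0, 0, 0,   /* exit: not ALU class, skipped */
};

int main(void)
{
    size_t n = sizeof(sample) / 8;
    printf("loose check rejects:  %zu\n", count_rejected(sample, n, off_ok_loose));
    printf("strict check rejects: %zu\n", count_rejected(sample, n, off_ok_strict));
    return 0;
}
```

The upper-bound-only check flags only the instruction with offset 2, while the allow-list also flags the one whose offset bytes `ff ff` decode to -1.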
Affected Version(s)
Linux ec0e2da95f72d4a46050a4d994e4fe471474fd80 < 3bce44b344040e5eef3d64d38b157c15304c0aab
Linux ec0e2da95f72d4a46050a4d994e4fe471474fd80 < 5017c302ca4b2a45149ad64e058fa2d5623c068f
Linux ec0e2da95f72d4a46050a4d994e4fe471474fd80 < 21167bf70dbe400563e189ac632258d35eda38b5