CNNVD-202511-1436 Information

CNNVD ID

CNNVD-202511-1436

Related CVE

CVE-2025-40169

• CNNVD Published: 2025-11-12

Description (Chinese)

Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞，该漏洞源于BPF验证器未正确拒绝ALU操作中的负偏移量，可能导致恶意BPF程序执行。

Description (English)

Linux Kernel is the kernel used by Linux, the Open Source Operator System of the Linux Foundation of the United States. Linux Kernel had a security loophole, which stemmed from the BPF certifier ’ s incorrect rejection of negative offsets in the ALU operation, which could lead to malicious BPF implementation.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Linux

Published

2025-11-12

Last Modified

2026-02-24

References

https://git.kernel.org/stable/c/3bce44b344040e5eef3d64d38b157c15304c0aab https://git.kernel.org/stable/c/21167bf70dbe400563e189ac632258d35eda38b5 https://git.kernel.org/stable/c/5017c302ca4b2a45149ad64e058fa2d5623c068f https://git.kernel.org/stable/c/55c0ced59fe17dee34e9dfd5f7be63cbab207758 https://vigilance.fr/vulnerability/Linux-kernel-multiple-vulnerabilities-dated-12-11-2025-48734

Patch

https://www.kernel.org/