CVE-2025-40079

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.17.0-rc1-g2465bb83e0b4

Description The Linux kernel contains a flaw related to how return values from BPF (Berkeley Packet Filter) programs are handled, specifically when dealing with struct operations on the RISC-V architecture. The issue arises because the BPF FIFO dequeue program returns a pointer that is treated as a 32-bit value and sign-extended to 64-bit, which is incorrect for struct operations requiring the RISC-V ABI (Application Binary Interface). This can lead to a kernel panic, as demonstrated by the ns bpf qdisc selftest triggering an inability to handle kernel paging requests.

Recommendations Update to Linux kernel version 6.17.0-rc1-g2465bb83e0b4 or a later version that includes the fix.