CVE-2026-23417

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A flaw exists in the Linux kernel related to BPF ST | BPF PROBE MEM32 immediate stores. Specifically, user-controlled 32-bit immediates could survive unblinded into JIT-compiled native code when bpf jit harden is set to 1. This occurs because the bpf jit blind insn() function did not handle BPF ST|BPF PROBE MEM32 immediate stores, allowing the instruction to fall through unblinded. The issue stems from a rewriting process during verification that changes BPF ST|BPF MEM to BPF ST|BPF PROBE MEM32, but the blinding switch only matched the original mode. The fix involves adding BPF ST|BPF PROBE MEM32 cases to the bpf jit blind insn() function to ensure proper blinding.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.