CVE-2025-71270
Analyzed Analyzed - Analysis Complete

Memory Access Exception Handling Flaw in Linux LoongArch BPF JIT

Vulnerability report for CVE-2025-71270, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-03-18

Last updated on: 2026-05-21

Assigner: kernel.org

Description

In the Linux kernel, the following vulnerability has been resolved: LoongArch: Enable exception fixup for specific ADE subcode This patch allows the LoongArch BPF JIT to handle recoverable memory access errors generated by BPF_PROBE_MEM* instructions. When a BPF program performs memory access operations, the instructions it executes may trigger ADEM exceptions. The kernel’s built-in BPF exception table mechanism (EX_TYPE_BPF) will generate corresponding exception fixup entries in the JIT compilation phase; however, the architecture-specific trap handling function needs to proactively call the common fixup routine to achieve exception recovery. do_ade(): fix EX_TYPE_BPF memory access exceptions for BPF programs, ensure safe execution. Relevant test cases: illegal address access tests in module_attach and subprogs_extable of selftests/bpf.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-03-18
Last Modified
2026-05-21
Generated
2026-07-06
AI Q&A
2026-03-18
EPSS Evaluated
2026-07-04
NVD
EUVD

Affected Vendors & Products

Showing 6 associated CPEs
Vendor Product Version / Range
linux linux_kernel 6.19
linux linux_kernel 6.19
linux linux_kernel 6.19
linux linux_kernel From 6.7 (inc) to 6.12.70 (exc)
linux linux_kernel From 6.2 (inc) to 6.6.124 (exc)
linux linux_kernel From 6.13 (inc) to 6.18.10 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability relates to the Linux kernel's handling of memory access errors in BPF (Berkeley Packet Filter) programs on the LoongArch architecture. Specifically, it involves the BPF JIT (Just-In-Time) compiler's ability to manage recoverable memory access errors triggered by BPF_PROBE_MEM* instructions. The kernel's exception table mechanism generates fixup entries during JIT compilation, but the architecture-specific trap handler must call a common fixup routine to properly recover from these exceptions. The vulnerability was fixed by enabling this exception fixup for specific ADE subcodes, ensuring safe execution of BPF programs.

Impact Analysis

If unpatched, this vulnerability could cause BPF programs on LoongArch systems to improperly handle memory access errors, potentially leading to unsafe execution or crashes. This could affect system stability or security when running BPF programs that perform memory access operations, as the kernel might not correctly recover from certain exceptions.

Compliance Impact

I don't know

Detection Guidance

I don't know

Mitigation Strategies

I don't know

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-71270. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart