CVE-2026-23383
Misaligned Access Vulnerability in Linux BPF JIT on ARM
Publication date: 2026-03-25
Last updated on: 2026-04-24
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | 6.0 |
| linux | linux_kernel | From 6.19 (inc) to 6.19.7 (exc) |
| linux | linux_kernel | 7.0 |
| linux | linux_kernel | 7.0 |
| linux | linux_kernel | 7.0 |
| linux | linux_kernel | 7.0 |
| linux | linux_kernel | 7.0 |
| linux | linux_kernel | 7.0 |
| linux | linux_kernel | 7.0 |
| linux | linux_kernel | From 6.13 (inc) to 6.18.17 (exc) |
| linux | linux_kernel | From 6.0.1 (inc) to 6.12.77 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the Linux kernel's BPF JIT (Just-In-Time) compiler for the arm64 architecture. The issue arises because the JIT buffer is only aligned to 4 bytes, but it contains a 64-bit (8-byte) target field that requires 8-byte alignment.
Due to the 4-byte alignment, the target field can be misaligned, which causes two problems: first, misaligned-access warnings are reported by UBSAN (Undefined Behavior Sanitizer); second, and more importantly, on arm64, 64-bit loads and stores are only guaranteed to be atomic if they are 8-byte aligned. Misalignment risks a torn read, meaning the JIT could jump to a corrupted address during execution.
The fix involves increasing the alignment of the JIT buffer allocation to 8 bytes, ensuring the target field is properly aligned and preventing these issues.
How can this vulnerability impact me? :
This vulnerability can cause the JIT-compiled code in the Linux kernel to jump to corrupted or incorrect memory addresses due to torn reads of a misaligned 64-bit target field.
Such behavior can lead to unpredictable kernel behavior, potential crashes, or security issues such as code execution errors or denial of service.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability relates to misaligned 8-byte accesses in the BPF JIT buffer on arm64 Linux kernels, which can cause torn reads and corrupted jumps.
Detection would involve checking the kernel version or patches applied to ensure the alignment fix is present, as well as monitoring for UBSAN misaligned-access warnings in kernel logs.
There are no specific commands provided to detect this vulnerability directly on a system or network.
What immediate steps should I take to mitigate this vulnerability?
The vulnerability is fixed by increasing the JIT buffer allocation alignment to 8 bytes in the Linux kernel.
Immediate mitigation steps include updating the Linux kernel to a version that contains this fix.
No other specific mitigation steps or workarounds are provided.