CVE-2025-21728

bpf: Send signals asynchronously if !preemptible

Severity Score

"-"

*CVSS v-

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: bpf: Send signals asynchronously if !preemptible BPF programs can execute in all kinds of contexts and when a program
running in a non-preemptible context uses the bpf_send_signal() kfunc,
it will cause issues because this kfunc can sleep.
Change `irqs_disabled()` to `!preemptible()`.

*Credits: N/A

CVSS Scores

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2024-12-29 CVE Reserved
2025-02-27 CVE Published
2025-02-27 CVE Updated
---------- EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (8)

URL	Tag	Source
https://git.kernel.org/stable/c/1bc7896e9ef44fd77858b3ef0b8a6840be3a4494	Vuln. Introduced
https://git.kernel.org/stable/c/fd29a0242f86b2d95ad666aa9f92a3d0f7bfdab6	Vuln. Introduced
https://git.kernel.org/stable/c/7930d01afb7281edd9782971e0cca6fe587c7a7b	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/be42a09fe898635b0093c0c8dac1bfabe225c240	2025-02-21
https://git.kernel.org/stable/c/eeef8e65041a031bd8a747a392c14b76a123a12c	2025-02-08
https://git.kernel.org/stable/c/78b97783496b454435639937db3303e900a24d3f	2025-02-08
https://git.kernel.org/stable/c/092fc76b7ab4163e008f9cde596a58dad2108260	2025-02-08
https://git.kernel.org/stable/c/87c544108b612512b254c8f79aa5c0a8546e2cc4	2025-01-15

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.6 < 6.1.129 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.6 < 6.1.129"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.6 < 6.6.76 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.6 < 6.6.76"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.6 < 6.12.13 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.6 < 6.12.13"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.6 < 6.13.2 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.6 < 6.13.2"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.6 < 6.14-rc1 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.6 < 6.14-rc1"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				5.4.33 Search vendor "Linux" for product "Linux Kernel" and version "5.4.33"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				5.5.18 Search vendor "Linux" for product "Linux Kernel" and version "5.5.18"		en		Affected