CVE-2025-71129

Summary

In the Linux kernel, the following vulnerability has been resolved:

LoongArch: BPF: Sign extend kfunc call arguments

The kfunc calls are native calls so they should follow LoongArch calling conventions. Sign extend its arguments properly to avoid kernel panic. This is done by adding a new emit_abi_ext() helper. The emit_abi_ext() helper performs extension in place meaning a value already store in the target register (Note: this is different from the existing sign_extend() helper and thus we can't reuse it).

Affected Software

VendorProductVersion RangeStatus
LinuxLinux5dc615520c4dfb358245680f1904bad61116648e < fd43edf357a3a1f5ed1c4bf450b60001c9091c39affected
LinuxLinux5dc615520c4dfb358245680f1904bad61116648e < 0d666db731e95890e0eda7ea61bc925fd2be90c6affected
LinuxLinux5dc615520c4dfb358245680f1904bad61116648e < 321993a874f571a94b5a596f1132f798c663b56eaffected
LinuxLinux5dc615520c4dfb358245680f1904bad61116648e < 3f5a238f24d7b75f9efe324d3539ad388f58536eaffected
LinuxLinux6.1affected
LinuxLinux0 < 6.1unaffected
LinuxLinux6.6.120 <= 6.6.*unaffected
LinuxLinux6.12.64 <= 6.12.*unaffected
LinuxLinux6.18.4 <= 6.18.*unaffected
LinuxLinux6.19 <= *unaffected

Weaknesses

References