Vulnerability-Lookup

CVE-2025-71270 (GCVE-0-2025-71270)

Vulnerability from cvelistv5 – Published: 2026-03-18 17:40 – Updated: 2026-03-19 16:01

Title

LoongArch: Enable exception fixup for specific ADE subcode

Summary

In the Linux kernel, the following vulnerability has been resolved: LoongArch: Enable exception fixup for specific ADE subcode This patch allows the LoongArch BPF JIT to handle recoverable memory access errors generated by BPF_PROBE_MEM* instructions. When a BPF program performs memory access operations, the instructions it executes may trigger ADEM exceptions. The kernel’s built-in BPF exception table mechanism (EX_TYPE_BPF) will generate corresponding exception fixup entries in the JIT compilation phase; however, the architecture-specific trap handling function needs to proactively call the common fixup routine to achieve exception recovery. do_ade(): fix EX_TYPE_BPF memory access exceptions for BPF programs, ensure safe execution. Relevant test cases: illegal address access tests in module_attach and subprogs_extable of selftests/bpf.

Severity ?

No CVSS data available.

Assigner

Linux

References

URL

Tags

	https://git.kernel.org/stable/c/73ede654d9daa2ee4…
	https://git.kernel.org/stable/c/c49a28068363f3dca…
	https://git.kernel.org/stable/c/c2ed4f71e9288f21d…
	https://git.kernel.org/stable/c/9bdc1ab5e4ce6f066…

Impacted products

Vendor

Product

Version

Linux

Affected: dbcd7f5fafea64dbe588c4ec18bc309fde5d1e1c , < 73ede654d9daa2ee41bdd17bc62946fc5a0258cb (git)
Affected: dbcd7f5fafea64dbe588c4ec18bc309fde5d1e1c , < c49a28068363f3dca439aa5fe4d3b1f8159809fe (git)
Affected: dbcd7f5fafea64dbe588c4ec18bc309fde5d1e1c , < c2ed4f71e9288f21d5c53ff790270758e60fa5f9 (git)
Affected: dbcd7f5fafea64dbe588c4ec18bc309fde5d1e1c , < 9bdc1ab5e4ce6f066119018d8f69631a46f9c5a0 (git)

Linux

Affected: 6.2
Unaffected: 0 , < 6.2 (semver)
Unaffected: 6.6.124 , ≤ 6.6.* (semver)
Unaffected: 6.12.70 , ≤ 6.12.* (semver)
Unaffected: 6.18.10 , ≤ 6.18.* (semver)
Unaffected: 6.19 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "arch/loongarch/kernel/traps.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "73ede654d9daa2ee41bdd17bc62946fc5a0258cb",
              "status": "affected",
              "version": "dbcd7f5fafea64dbe588c4ec18bc309fde5d1e1c",
              "versionType": "git"
            },
            {
              "lessThan": "c49a28068363f3dca439aa5fe4d3b1f8159809fe",
              "status": "affected",
              "version": "dbcd7f5fafea64dbe588c4ec18bc309fde5d1e1c",
              "versionType": "git"
            },
            {
              "lessThan": "c2ed4f71e9288f21d5c53ff790270758e60fa5f9",
              "status": "affected",
              "version": "dbcd7f5fafea64dbe588c4ec18bc309fde5d1e1c",
              "versionType": "git"
            },
            {
              "lessThan": "9bdc1ab5e4ce6f066119018d8f69631a46f9c5a0",
              "status": "affected",
              "version": "dbcd7f5fafea64dbe588c4ec18bc309fde5d1e1c",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "arch/loongarch/kernel/traps.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.2"
            },
            {
              "lessThan": "6.2",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.124",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.70",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.18.*",
              "status": "unaffected",
              "version": "6.18.10",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.19",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.124",
                  "versionStartIncluding": "6.2",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.12.70",
                  "versionStartIncluding": "6.2",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.18.10",
                  "versionStartIncluding": "6.2",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.19",
                  "versionStartIncluding": "6.2",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nLoongArch: Enable exception fixup for specific ADE subcode\n\nThis patch allows the LoongArch BPF JIT to handle recoverable memory\naccess errors generated by BPF_PROBE_MEM* instructions.\n\nWhen a BPF program performs memory access operations, the instructions\nit executes may trigger ADEM exceptions. The kernel\u2019s built-in BPF\nexception table mechanism (EX_TYPE_BPF) will generate corresponding\nexception fixup entries in the JIT compilation phase; however, the\narchitecture-specific trap handling function needs to proactively call\nthe common fixup routine to achieve exception recovery.\n\ndo_ade(): fix EX_TYPE_BPF memory access exceptions for BPF programs,\nensure safe execution.\n\nRelevant test cases: illegal address access tests in module_attach and\nsubprogs_extable of selftests/bpf."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-19T16:01:01.226Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/73ede654d9daa2ee41bdd17bc62946fc5a0258cb"
        },
        {
          "url": "https://git.kernel.org/stable/c/c49a28068363f3dca439aa5fe4d3b1f8159809fe"
        },
        {
          "url": "https://git.kernel.org/stable/c/c2ed4f71e9288f21d5c53ff790270758e60fa5f9"
        },
        {
          "url": "https://git.kernel.org/stable/c/9bdc1ab5e4ce6f066119018d8f69631a46f9c5a0"
        }
      ],
      "title": "LoongArch: Enable exception fixup for specific ADE subcode",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2025-71270",
    "datePublished": "2026-03-18T17:40:59.838Z",
    "dateReserved": "2026-03-17T09:08:18.458Z",
    "dateUpdated": "2026-03-19T16:01:01.226Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-71270\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2026-03-18T18:16:22.230\",\"lastModified\":\"2026-03-19T17:16:21.520\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nLoongArch: Enable exception fixup for specific ADE subcode\\n\\nThis patch allows the LoongArch BPF JIT to handle recoverable memory\\naccess errors generated by BPF_PROBE_MEM* instructions.\\n\\nWhen a BPF program performs memory access operations, the instructions\\nit executes may trigger ADEM exceptions. The kernel\u2019s built-in BPF\\nexception table mechanism (EX_TYPE_BPF) will generate corresponding\\nexception fixup entries in the JIT compilation phase; however, the\\narchitecture-specific trap handling function needs to proactively call\\nthe common fixup routine to achieve exception recovery.\\n\\ndo_ade(): fix EX_TYPE_BPF memory access exceptions for BPF programs,\\nensure safe execution.\\n\\nRelevant test cases: illegal address access tests in module_attach and\\nsubprogs_extable of selftests/bpf.\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/73ede654d9daa2ee41bdd17bc62946fc5a0258cb\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/9bdc1ab5e4ce6f066119018d8f69631a46f9c5a0\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/c2ed4f71e9288f21d5c53ff790270758e60fa5f9\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/c49a28068363f3dca439aa5fe4d3b1f8159809fe\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]}}"
  }
}

WID-SEC-W-2026-0790

Vulnerability from csaf_certbund - Published: 2026-03-18 23:00 - Updated: 2026-03-26 23:00

Summary

Linux Kernel: Mehrere Schwachstellen

Severity

Mittel

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: Der Kernel stellt den Kern des Linux Betriebssystems dar.

Angriff: Ein Angreifer kann mehrere Schwachstellen in Linux Kernel ausnutzen, um nicht näher spezifizierte Angriffe durchzuführen, die möglicherweise zu einem Denial-of-Service-Zustand, einer Rechteausweitung oder einer Speicherbeschädigung führen können.

Betroffene Betriebssysteme: - Linux

CVE-2025-71268

CVE-2025-71269

CVE-2025-71270

CVE-2026-23249

CVE-2026-23250

CVE-2026-23251

CVE-2026-23252

CVE-2026-23253

CVE-2026-23254

CVE-2026-23255

CVE-2026-23256

CVE-2026-23257

CVE-2026-23258

CVE-2026-23259

CVE-2026-23260

CVE-2026-23261

CVE-2026-23262

CVE-2026-23263

CVE-2026-23264

CVE-2026-23265

CVE-2026-23266

CVE-2026-23267

CVE-2026-23268

CVE-2026-23269

CVE-2026-23270

References

URL

Category

	https://wid.cert-bund.de/.well-known/csaf/white/2…	self
	https://wid.cert-bund.de/portal/wid/securityadvis…	self
	https://lore.kernel.org/linux-cve-announce/	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lists.suse.com/pipermail/sle-security-upd…	external
	https://lists.suse.com/pipermail/sle-security-upd…	external
	https://lists.suse.com/pipermail/sle-security-upd…	external
	https://lists.suse.com/pipermail/sle-security-upd…	external
	https://lists.suse.com/pipermail/sle-security-upd…	external
	https://lists.suse.com/pipermail/sle-security-upd…	external
	https://lists.suse.com/pipermail/sle-security-upd…	external
	https://lists.suse.com/pipermail/sle-security-upd…	external
	https://kb.igel.com/en/security-safety/current/is…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein Angreifer kann mehrere Schwachstellen in Linux Kernel ausnutzen, um nicht n\u00e4her spezifizierte Angriffe durchzuf\u00fchren, die m\u00f6glicherweise zu einem Denial-of-Service-Zustand, einer Rechteausweitung oder einer Speicherbesch\u00e4digung f\u00fchren k\u00f6nnen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2026-0790 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0790.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2026-0790 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0790"
      },
      {
        "category": "external",
        "summary": "Kernel CVE Announce Mailingliste",
        "url": "https://lore.kernel.org/linux-cve-announce/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-71268",
        "url": "https://lore.kernel.org/linux-cve-announce/2026031814-CVE-2025-71268-057a@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-71269",
        "url": "https://lore.kernel.org/linux-cve-announce/2026031816-CVE-2025-71269-b47d@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-71270",
        "url": "https://lore.kernel.org/linux-cve-announce/2026031816-CVE-2025-71270-19ac@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23249",
        "url": "https://lore.kernel.org/linux-cve-announce/2026031843-CVE-2026-23249-c309@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23250",
        "url": "https://lore.kernel.org/linux-cve-announce/2026031845-CVE-2026-23250-271e@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23251",
        "url": "https://lore.kernel.org/linux-cve-announce/2026031845-CVE-2026-23251-259a@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23252",
        "url": "https://lore.kernel.org/linux-cve-announce/2026031846-CVE-2026-23252-6bef@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23253",
        "url": "https://lore.kernel.org/linux-cve-announce/2026031846-CVE-2026-23253-b1c6@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23254",
        "url": "https://lore.kernel.org/linux-cve-announce/2026031817-CVE-2026-23254-6387@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23255",
        "url": "https://lore.kernel.org/linux-cve-announce/2026031817-CVE-2026-23255-fc51@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23256",
        "url": "https://lore.kernel.org/linux-cve-announce/2026031818-CVE-2026-23256-b93b@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23257",
        "url": "https://lore.kernel.org/linux-cve-announce/2026031818-CVE-2026-23257-bd18@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23258",
        "url": "https://lore.kernel.org/linux-cve-announce/2026031818-CVE-2026-23258-d181@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23259",
        "url": "https://lore.kernel.org/linux-cve-announce/2026031819-CVE-2026-23259-5bd7@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23260",
        "url": "https://lore.kernel.org/linux-cve-announce/2026031819-CVE-2026-23260-6464@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23261",
        "url": "https://lore.kernel.org/linux-cve-announce/2026031819-CVE-2026-23261-f757@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23262",
        "url": "https://lore.kernel.org/linux-cve-announce/2026031820-CVE-2026-23262-a421@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23263",
        "url": "https://lore.kernel.org/linux-cve-announce/2026031820-CVE-2026-23263-5c88@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23264",
        "url": "https://lore.kernel.org/linux-cve-announce/2026031820-CVE-2026-23264-fe5b@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23265",
        "url": "https://lore.kernel.org/linux-cve-announce/2026031853-CVE-2026-23265-6d01@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23266",
        "url": "https://lore.kernel.org/linux-cve-announce/2026031853-CVE-2026-23266-b57b@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23267",
        "url": "https://lore.kernel.org/linux-cve-announce/2026031811-CVE-2026-23267-ff55@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23268",
        "url": "https://lore.kernel.org/linux-cve-announce/2026031846-CVE-2026-23268-6be3@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23269",
        "url": "https://lore.kernel.org/linux-cve-announce/2026031846-CVE-2026-23269-2bf7@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23270",
        "url": "https://lore.kernel.org/linux-cve-announce/2026031847-CVE-2026-23270-cb9a@gregkh/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:0961-1 vom 2026-03-23",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024805.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:0962-1 vom 2026-03-23",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024803.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:0984-1 vom 2026-03-24",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024841.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:1003-1 vom 2026-03-25",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024925.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:1041-1 vom 2026-03-25",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024928.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:1078-1 vom 2026-03-26",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024954.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:1077-1 vom 2026-03-26",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024956.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:1081-1 vom 2026-03-26",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024953.html"
      },
      {
        "category": "external",
        "summary": "IGEL Security Notice ISN-2026-07 vom 2026-03-26",
        "url": "https://kb.igel.com/en/security-safety/current/isn-2026-07-apparmor-vulnerabilities"
      }
    ],
    "source_lang": "en-US",
    "title": "Linux Kernel: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2026-03-26T23:00:00.000+00:00",
      "generator": {
        "date": "2026-03-27T09:01:23.025+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.5.0"
        }
      },
      "id": "WID-SEC-W-2026-0790",
      "initial_release_date": "2026-03-18T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2026-03-18T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2026-03-23T23:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2026-03-24T23:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2026-03-25T23:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2026-03-26T23:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von SUSE und IGEL aufgenommen"
        }
      ],
      "status": "final",
      "version": "5"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "IGEL OS",
            "product": {
              "name": "IGEL OS",
              "product_id": "T017865",
              "product_identification_helper": {
                "cpe": "cpe:/o:igel:os:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "IGEL"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Open Source Linux Kernel",
            "product": {
              "name": "Open Source Linux Kernel",
              "product_id": "T051923",
              "product_identification_helper": {
                "cpe": "cpe:/o:linux:linux_kernel:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-71268",
      "product_status": {
        "known_affected": [
          "T002207",
          "T051923",
          "T017865"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-71268"
    },
    {
      "cve": "CVE-2025-71269",
      "product_status": {
        "known_affected": [
          "T002207",
          "T051923",
          "T017865"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-71269"
    },
    {
      "cve": "CVE-2025-71270",
      "product_status": {
        "known_affected": [
          "T002207",
          "T051923",
          "T017865"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-71270"
    },
    {
      "cve": "CVE-2026-23249",
      "product_status": {
        "known_affected": [
          "T002207",
          "T051923",
          "T017865"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2026-23249"
    },
    {
      "cve": "CVE-2026-23250",
      "product_status": {
        "known_affected": [
          "T002207",
          "T051923",
          "T017865"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2026-23250"
    },
    {
      "cve": "CVE-2026-23251",
      "product_status": {
        "known_affected": [
          "T002207",
          "T051923",
          "T017865"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2026-23251"
    },
    {
      "cve": "CVE-2026-23252",
      "product_status": {
        "known_affected": [
          "T002207",
          "T051923",
          "T017865"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2026-23252"
    },
    {
      "cve": "CVE-2026-23253",
      "product_status": {
        "known_affected": [
          "T002207",
          "T051923",
          "T017865"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2026-23253"
    },
    {
      "cve": "CVE-2026-23254",
      "product_status": {
        "known_affected": [
          "T002207",
          "T051923",
          "T017865"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2026-23254"
    },
    {
      "cve": "CVE-2026-23255",
      "product_status": {
        "known_affected": [
          "T002207",
          "T051923",
          "T017865"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2026-23255"
    },
    {
      "cve": "CVE-2026-23256",
      "product_status": {
        "known_affected": [
          "T002207",
          "T051923",
          "T017865"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2026-23256"
    },
    {
      "cve": "CVE-2026-23257",
      "product_status": {
        "known_affected": [
          "T002207",
          "T051923",
          "T017865"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2026-23257"
    },
    {
      "cve": "CVE-2026-23258",
      "product_status": {
        "known_affected": [
          "T002207",
          "T051923",
          "T017865"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2026-23258"
    },
    {
      "cve": "CVE-2026-23259",
      "product_status": {
        "known_affected": [
          "T002207",
          "T051923",
          "T017865"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2026-23259"
    },
    {
      "cve": "CVE-2026-23260",
      "product_status": {
        "known_affected": [
          "T002207",
          "T051923",
          "T017865"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2026-23260"
    },
    {
      "cve": "CVE-2026-23261",
      "product_status": {
        "known_affected": [
          "T002207",
          "T051923",
          "T017865"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2026-23261"
    },
    {
      "cve": "CVE-2026-23262",
      "product_status": {
        "known_affected": [
          "T002207",
          "T051923",
          "T017865"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2026-23262"
    },
    {
      "cve": "CVE-2026-23263",
      "product_status": {
        "known_affected": [
          "T002207",
          "T051923",
          "T017865"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2026-23263"
    },
    {
      "cve": "CVE-2026-23264",
      "product_status": {
        "known_affected": [
          "T002207",
          "T051923",
          "T017865"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2026-23264"
    },
    {
      "cve": "CVE-2026-23265",
      "product_status": {
        "known_affected": [
          "T002207",
          "T051923",
          "T017865"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2026-23265"
    },
    {
      "cve": "CVE-2026-23266",
      "product_status": {
        "known_affected": [
          "T002207",
          "T051923",
          "T017865"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2026-23266"
    },
    {
      "cve": "CVE-2026-23267",
      "product_status": {
        "known_affected": [
          "T002207",
          "T051923",
          "T017865"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2026-23267"
    },
    {
      "cve": "CVE-2026-23268",
      "product_status": {
        "known_affected": [
          "T002207",
          "T051923",
          "T017865"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2026-23268"
    },
    {
      "cve": "CVE-2026-23269",
      "product_status": {
        "known_affected": [
          "T002207",
          "T051923",
          "T017865"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2026-23269"
    },
    {
      "cve": "CVE-2026-23270",
      "product_status": {
        "known_affected": [
          "T002207",
          "T051923",
          "T017865"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2026-23270"
    }
  ]
}

GHSA-7652-R6CV-CV5F

Vulnerability from github – Published: 2026-03-18 18:31 – Updated: 2026-03-19 18:31

Details

In the Linux kernel, the following vulnerability has been resolved:

LoongArch: Enable exception fixup for specific ADE subcode

This patch allows the LoongArch BPF JIT to handle recoverable memory access errors generated by BPF_PROBE_MEM* instructions.

When a BPF program performs memory access operations, the instructions it executes may trigger ADEM exceptions. The kernel’s built-in BPF exception table mechanism (EX_TYPE_BPF) will generate corresponding exception fixup entries in the JIT compilation phase; however, the architecture-specific trap handling function needs to proactively call the common fixup routine to achieve exception recovery.

do_ade(): fix EX_TYPE_BPF memory access exceptions for BPF programs, ensure safe execution.

Relevant test cases: illegal address access tests in module_attach and subprogs_extable of selftests/bpf.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2025-71270"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-03-18T18:16:22Z",
    "severity": null
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nLoongArch: Enable exception fixup for specific ADE subcode\n\nThis patch allows the LoongArch BPF JIT to handle recoverable memory\naccess errors generated by BPF_PROBE_MEM* instructions.\n\nWhen a BPF program performs memory access operations, the instructions\nit executes may trigger ADEM exceptions. The kernel\u2019s built-in BPF\nexception table mechanism (EX_TYPE_BPF) will generate corresponding\nexception fixup entries in the JIT compilation phase; however, the\narchitecture-specific trap handling function needs to proactively call\nthe common fixup routine to achieve exception recovery.\n\ndo_ade(): fix EX_TYPE_BPF memory access exceptions for BPF programs,\nensure safe execution.\n\nRelevant test cases: illegal address access tests in module_attach and\nsubprogs_extable of selftests/bpf.",
  "id": "GHSA-7652-r6cv-cv5f",
  "modified": "2026-03-19T18:31:16Z",
  "published": "2026-03-18T18:31:17Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-71270"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/73ede654d9daa2ee41bdd17bc62946fc5a0258cb"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/9bdc1ab5e4ce6f066119018d8f69631a46f9c5a0"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/b9d9a221bd14ed4b01d113701976fa376762c544"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/c2ed4f71e9288f21d5c53ff790270758e60fa5f9"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/c49a28068363f3dca439aa5fe4d3b1f8159809fe"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

FKIE_CVE-2025-71270

Vulnerability from fkie_nvd - Published: 2026-03-18 18:16 - Updated: 2026-03-19 17:16

Severity ?

Summary

References

	URL	Tags
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/73ede654d9daa2ee41bdd17bc62946fc5a0258cb
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/9bdc1ab5e4ce6f066119018d8f69631a46f9c5a0
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/c2ed4f71e9288f21d5c53ff790270758e60fa5f9
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/c49a28068363f3dca439aa5fe4d3b1f8159809fe

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nLoongArch: Enable exception fixup for specific ADE subcode\n\nThis patch allows the LoongArch BPF JIT to handle recoverable memory\naccess errors generated by BPF_PROBE_MEM* instructions.\n\nWhen a BPF program performs memory access operations, the instructions\nit executes may trigger ADEM exceptions. The kernel\u2019s built-in BPF\nexception table mechanism (EX_TYPE_BPF) will generate corresponding\nexception fixup entries in the JIT compilation phase; however, the\narchitecture-specific trap handling function needs to proactively call\nthe common fixup routine to achieve exception recovery.\n\ndo_ade(): fix EX_TYPE_BPF memory access exceptions for BPF programs,\nensure safe execution.\n\nRelevant test cases: illegal address access tests in module_attach and\nsubprogs_extable of selftests/bpf."
    }
  ],
  "id": "CVE-2025-71270",
  "lastModified": "2026-03-19T17:16:21.520",
  "metrics": {},
  "published": "2026-03-18T18:16:22.230",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/73ede654d9daa2ee41bdd17bc62946fc5a0258cb"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/9bdc1ab5e4ce6f066119018d8f69631a46f9c5a0"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/c2ed4f71e9288f21d5c53ff790270758e60fa5f9"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/c49a28068363f3dca439aa5fe4d3b1f8159809fe"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Awaiting Analysis"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2025-71270 (GCVE-0-2025-71270)

WID-SEC-W-2026-0790

GHSA-7652-R6CV-CV5F

FKIE_CVE-2025-71270

Tags

Sightings

Nomenclature