CVE-2023-52928
Published: Mar 27, 2025
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: bpf: Skip invalid kfunc call in backtrack_insn The verifier skips invalid kfunc call in check_kfunc_call(), which would be captured in fixup_kfunc_call() if such insn is not eliminated by dead code elimination. However, this can lead to the following warning in backtrack_insn(), also see [1]: ------------[ cut here ]------------ verifier backtracking bug WARNING: CPU: 6 PID: 8646 at kernel/bpf/verifier.c:2756 backtrack_insn kernel/bpf/verifier.c:2756 __mark_chain_precision kernel/bpf/verifier.c:3065 mark_chain_precision kernel/bpf/verifier.c:3165 adjust_reg_min_max_vals kernel/bpf/verifier.c:10715 check_alu_op kernel/bpf/verifier.c:10928 do_check kernel/bpf/verifier.c:13821 [inline] do_check_common kernel/bpf/verifier.c:16289 [...] So make backtracking conservative with this by returning ENOTSUPP. [1] https://lore.kernel.org/bpf/CACkBjsaXNceR8ZjkLG=dT3P=4A8SBsg0Z5h5PWLryF5=ghKq=g@mail.gmail.com/
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected e6ac2450d6dee3121cd8bbf2907b78a68a8a353d - < 6e2fac197de2c4c041bdd8982cffb104689113f1affected e6ac2450d6dee3121cd8bbf2907b78a68a8a353d - < 74eec8266f37aff609db6a2f2b093e56a11c28c4affected e6ac2450d6dee3121cd8bbf2907b78a68a8a353d - < d3178e8a434b58678d99257c0387810a24042fb6 |
Linux | Linux | affected 5.13unaffected 0 - < 5.13unaffected 5.15.93 - <= 5.15.*unaffected 6.1.11 - <= 6.1.*unaffected 6.2 - <= * |
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now