CVE-2025-39990

Published: Oct 15, 2025

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: bpf: Check the helper function is valid in get_helper_proto kernel test robot reported verifier bug [1] where the helper func pointer could be NULL due to disabled config option. As Alexei suggested we could check on that in get_helper_proto directly. Marking tail_call helper func with BPF_PTR_POISON, because it is unused by design. [1] https://lore.kernel.org/oe-lkp/[email protected]

Vendor	Product	Versions
Linux	Linux	affected `f470378c7562a2818b45ed11c98973f2b89eedd3 - < 3d429cb1278e995e22995ef117fa96d223a67e93` affected `f470378c7562a2818b45ed11c98973f2b89eedd3 - < 6233715b4b714068d6c831d214a4e8792109875a` affected `f470378c7562a2818b45ed11c98973f2b89eedd3 - < e4414b01c1cd9887bbde92f946c1ba94e40d6d64`
Linux	Linux	affected `5.8` unaffected `0 - < 5.8` unaffected `6.12.50 - <= 6.12.` unaffected `6.16.10 - <= 6.16.` unaffected `6.17 - <= *`

References

https://git.kernel.org/stable/c/3d429cb1278e995e22995ef117fa96d223a67e93

https://git.kernel.org/stable/c/6233715b4b714068d6c831d214a4e8792109875a

https://git.kernel.org/stable/c/e4414b01c1cd9887bbde92f946c1ba94e40d6d64

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-39990

Description

Affected Products

References