EUVD-2025-32353CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Lifecycle Timeline
4Description
In the Linux kernel, the following vulnerability has been resolved: bpf: Propagate error from htab_lock_bucket() to userspace In __htab_map_lookup_and_delete_batch() if htab_lock_bucket() returns -EBUSY, it will go to next bucket. Going to next bucket may not only skip the elements in current bucket silently, but also incur out-of-bound memory access or expose kernel memory to userspace if current bucket_cnt is greater than bucket_size or zero. Fixing it by stopping batch operation and returning -EBUSY when htab_lock_bucket() fails, and the application can retry or skip the busy batch as needed.
Analysis
In the Linux kernel, the following vulnerability has been resolved: bpf: Propagate error from htab_lock_bucket() to userspace In __htab_map_lookup_and_delete_batch() if htab_lock_bucket() returns -EBUSY, it will go to next bucket.
Technical Context
An out-of-bounds memory access occurs when code reads from or writes to memory locations outside the intended buffer boundaries. This vulnerability is classified as Out-of-bounds Read (CWE-125).
Affected Products
Affected products: Linux Linux Kernel
Remediation
A vendor patch is available — apply it immediately. Implement proper bounds checking on all array and buffer accesses. Use memory-safe languages or static analysis tools to detect OOB issues.
Priority Score
Vendor Status
Share
External POC / Exploit Code
Leaving vuln.today