CVE-2025-71270 - Vulnerability Details

- LoongArch: Enable exception fixup for specific ADE subcode

Description

In the Linux kernel, the following vulnerability has been resolved:

LoongArch: Enable exception fixup for specific ADE subcode

This patch allows the LoongArch BPF JIT to handle recoverable memory
access errors generated by BPF_PROBE_MEM* instructions.

When a BPF program performs memory access operations, the instructions
it executes may trigger ADEM exceptions. The kernel’s built-in BPF
exception table mechanism (EX_TYPE_BPF) will generate corresponding
exception fixup entries in the JIT compilation phase; however, the
architecture-specific trap handling function needs to proactively call
the common fixup routine to achieve exception recovery.

do_ade(): fix EX_TYPE_BPF memory access exceptions for BPF programs,
ensure safe execution.

Relevant test cases: illegal address access tests in module_attach and
subprogs_extable of selftests/bpf.

Published: 2026-03-18

Score: n/a

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

The vulnerability concerns the LoongArch implementation of the BPF JIT compiler in the Linux kernel. It arises because the architecture‑specific trap handler did not invoke the common exception‑recovery routine for recoverable ADE (Access Denied Exception) faults triggered by BPF_PROBE_MEM* instructions. When such an exception occurs, the kernel fails to provide a fixup entry and the BPF program terminates the kernel, resulting in a crash and loss of service. This is an improper exception handling weakness.

Affected Systems

The flaw affects all Linux kernels that run on the LoongArch architecture and do not include the patch that enables the exception handler to call the fixup routine. The patch was merged into mainline, so any distribution shipping a LoongArch kernel before that merge remains vulnerable. Kernels updated with the patched code are not affected.

Risk and Exploitability

EPSS scores indicate a very low probability of exploitation (less than 1%) and the issue is not listed in CISA’s KEV catalog, suggesting limited attacker interest. The impact of a successful exploit is a kernel crash that results in a denial of service. The likely attack vector would be from an entity that can load BPF programs (root or a user with CAP_SYSADMIN). No documented network‑based exploitation method exists.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Linux

unaffected

Version	Status	Constraints
`dbcd7f5fafea64dbe588c4ec18bc309fde5d1e1c`	affected	< 73ede654d9daa2ee41bdd17bc62946fc5a0258cb
`dbcd7f5fafea64dbe588c4ec18bc309fde5d1e1c`	affected	< c49a28068363f3dca439aa5fe4d3b1f8159809fe
`dbcd7f5fafea64dbe588c4ec18bc309fde5d1e1c`	affected	< c2ed4f71e9288f21d5c53ff790270758e60fa5f9
`dbcd7f5fafea64dbe588c4ec18bc309fde5d1e1c`	affected	< 9bdc1ab5e4ce6f066119018d8f69631a46f9c5a0

Linux

affected

Version	Status	Constraints
`6.2`	affected	—
`0`	unaffected	< 6.2
`6.6.124`	unaffected	≤ 6.6.*
`6.12.70`	unaffected	≤ 6.12.*
`6.18.10`	unaffected	≤ 6.18.*
`6.19`	unaffected	≤ *

No data.

Vendor Product Confidence Versions

Linux

Linux Kernel

99%

Version	Status	Scheme	Platform
`[1da177e4c3f41524e886b7f1b8a0c1fc7321cac2,b9d9a221bd14ed4b01d113701976fa376762c544)`	affected	generic	—
`[1da177e4c3f41524e886b7f1b8a0c1fc7321cac2,73ede654d9daa2ee41bdd17bc62946fc5a0258cb)`	affected	generic	—
`[1da177e4c3f41524e886b7f1b8a0c1fc7321cac2,c49a28068363f3dca439aa5fe4d3b1f8159809fe)`	affected	generic	—
`[1da177e4c3f41524e886b7f1b8a0c1fc7321cac2,c2ed4f71e9288f21d5c53ff790270758e60fa5f9)`	affected	generic	—
`[1da177e4c3f41524e886b7f1b8a0c1fc7321cac2,9bdc1ab5e4ce6f066119018d8f69631a46f9c5a0)`	affected	generic	—

Linux

Linux Kernel

99%

Version	Status	Scheme	Platform
`[0,6.1.*]`	unaffected	generic	—
`[0,6.6.*]`	unaffected	generic	—
`[0,6.12.*]`	unaffected	generic	—
`[0,6.18.*]`	unaffected	generic	—
`[0,*]`	unaffected	generic	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Apply an updated LoongArch kernel that includes the BPF exception‑recovery patch.
If an upgrade cannot be performed immediately, restrict BPF program loading to trusted users or disable BPF functionality until a patch is available.

Generated by OpenCVE AI on March 27, 2026 at 10:31 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00026.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://git.kernel.org/stable/c/73ede654d9daa2ee41bdd17bc62946fc5a0258cb
https://git.kernel.org/stable/c/9bdc1ab5e4ce6f066119018d8f69631a46f9c5a0
https://git.kernel.org/stable/c/c2ed4f71e9288f21d5c53ff790270758e60fa5f9
https://git.kernel.org/stable/c/c49a28068363f3dca439aa5fe4d3b1f8159809fe
https://lore.kernel.org/linux-cve-announce/2026031816-CVE-2025-71270-19ac@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2025-71270
https://www.cve.org/CVERecord?id=CVE-2025-71270

History

Fri, 27 Mar 2026 20:30:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-400 CWE-416

Fri, 27 Mar 2026 08:45:00 +0000

Type	Values Removed	Values Added
Weaknesses	CWE-703

Thu, 26 Mar 2026 14:00:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-703

Thu, 26 Mar 2026 12:30:00 +0000

Type	Values Removed	Values Added
Weaknesses	CWE-125 CWE-755

Wed, 25 Mar 2026 22:00:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-125 CWE-755

Wed, 25 Mar 2026 12:00:00 +0000

Type	Values Removed	Values Added
Weaknesses	CWE-754

Tue, 24 Mar 2026 13:30:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-754

Thu, 19 Mar 2026 17:30:00 +0000

Type	Values Removed	Values Added
References	https://git.kernel.org/stable/c/b9d9a221bd14ed4b01d113701976fa376762c544

Thu, 19 Mar 2026 12:15:00 +0000

Type	Values Removed	Values Added
References		https://lore.kernel.org/linux-cve-announce/2026031816-CVE-2025-71270-19ac@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2025-71270 https://www.cve.org/CVERecord?id=CVE-2025-71270

Wed, 18 Mar 2026 18:00:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: LoongArch: Enable exception fixup for specific ADE subcode This patch allows the LoongArch BPF JIT to handle recoverable memory access errors generated by BPF_PROBE_MEM* instructions. When a BPF program performs memory access operations, the instructions it executes may trigger ADEM exceptions. The kernel’s built-in BPF exception table mechanism (EX_TYPE_BPF) will generate corresponding exception fixup entries in the JIT compilation phase; however, the architecture-specific trap handling function needs to proactively call the common fixup routine to achieve exception recovery. do_ade(): fix EX_TYPE_BPF memory access exceptions for BPF programs, ensure safe execution. Relevant test cases: illegal address access tests in module_attach and subprogs_extable of selftests/bpf.
Title		LoongArch: Enable exception fixup for specific ADE subcode
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/73ede654d9daa2ee41bdd17bc62946fc5a0258cb https://git.kernel.org/stable/c/9bdc1ab5e4ce6f066119018d8f69631a46f9c5a0 https://git.kernel.org/stable/c/b9d9a221bd14ed4b01d113701976fa376762c544 https://git.kernel.org/stable/c/c2ed4f71e9288f21d5c53ff790270758e60fa5f9 https://git.kernel.org/stable/c/c49a28068363f3dca439aa5fe4d3b1f8159809fe

Subscriptions

Linux Linux Kernel

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-03-18T17:40:59.838Z

Updated: 2026-03-19T16:01:01.226Z

Reserved: 2026-03-17T09:08:18.458Z

Link: CVE-2025-71270

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2026-03-18T18:16:22.230

Modified: 2026-03-19T17:16:21.520

Link: CVE-2025-71270

Redhat

Severity :

Publid Date: 2026-03-18T00:00:00Z

Links: CVE-2025-71270 - Bugzilla

OpenCVE Enrichment

Updated: 2026-03-27T15:48:25Z

Weaknesses

Impact

Affected Systems

Risk and Exploitability

Tracking

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object