Impact
This bug occurs in the Linux kernel’s BPF crypto subsystem when the destructor function pointer type does not match the expected signature enforced by CONFIG_CFI. The mismatch triggers a Control‑Flow Integrity violation, causing the kernel to issue an Oops and crash. The primary impact is that any BPF program using the crypto context could abruptly terminate the system, effectively denying service to users or processes that rely on that kernel module.
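The type mismatch described above, as an added user-space model (not kernel code and not taken from the fix): a string comparison stands in for the prototype-hash check that CFI performs before an indirect call. All names (`crypto_ctx`, `crypto_ctx_release`, `crypto_ctx_release_dtor`, `tagged_fn`, `call_dtor`) are hypothetical.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for a refcounted crypto context. */
struct crypto_ctx { int refs; int released; };

/* Prototype the generic teardown path uses for its indirect call. */
typedef void (*dtor_fn)(void *obj);
#define DTOR_SIG "void(void*)"

/* Model of a CFI-tagged function: a string stands in for the prototype
 * hash that kCFI stores next to the code. */
struct tagged_fn { const char *sig; void (*fn)(void); };

/* Typed release helper: takes struct crypto_ctx *, not void *. */
static void crypto_ctx_release(struct crypto_ctx *ctx)
{
    if (--ctx->refs == 0)
        ctx->released = 1;
}

/* Fix pattern: a wrapper whose prototype is exactly dtor_fn. */
static void crypto_ctx_release_dtor(void *obj) { crypto_ctx_release(obj); }

/* Indirect call with the check CFI inserts: 0 if the call ran, -1 where
 * a CFI kernel would report a failure and Oops. */
static int call_dtor(const struct tagged_fn *t, void *obj)
{
    if (strcmp(t->sig, DTOR_SIG) != 0)
        return -1;
    ((dtor_fn)t->fn)(obj);
    return 0;
}

/* Before: the typed helper itself is registered as the destructor. */
static int demo_mismatch(struct crypto_ctx *ctx)
{
    struct tagged_fn t = { "void(struct crypto_ctx*)",
                           (void (*)(void))crypto_ctx_release };
    return call_dtor(&t, ctx);
}

/* After: the void * wrapper is registered instead. */
static int demo_wrapper(struct crypto_ctx *ctx)
{
    struct tagged_fn t = { DTOR_SIG, (void (*)(void))crypto_ctx_release_dtor };
    return call_dtor(&t, ctx);
}

int main(void)
{
    struct crypto_ctx c = { 1, 0 };
    printf("mismatch=%d wrapper=%d\n", demo_mismatch(&c), demo_wrapper(&c));
    return 0;
}
```

Without CFI the mismatched call usually works because both prototypes pass a single pointer argument, which is why this kind of defect tends to surface only on kernels built with CONFIG_CFI.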
Affected Systems
The flaw is present in the core Linux kernel, affecting all distributions that ship a kernel compiled with CONFIG_CFI and that make use of the BPF crypto context destructor. Specific kernel versions are not listed in the data, so any unpatched kernel with this configuration is at risk.
Risk and Exploitability
There is no EPSS score available and the vulnerability is not listed in the CISA KEV catalog, indicating limited public exploitation data. The CVSS score is also missing from the provided information, but the kernel crash suggests a high potential impact if an attacker can trigger the faulty destructor. Successful exploitation would likely require the attacker to execute a BPF program that exercises the crypto context or similar code paths, which could be achieved with local code execution or by manipulating system services that compile BPF programs. Given the absence of publicly known exploit samples, the immediate risk is largely from accidental or unintended crashes rather than targeted attacks, but the denial‑of‑service nature warrants prompt remediation.
OpenCVE Enrichment