Impact
A flaw in the Linux kernel's BPF subsystem allows an integer node_id to be passed to arena_alloc_pages without bounds checking. The lack of validation can cause the kernel to request memory from a non‑existent NUMA node or to index memory buffers incorrectly, potentially leading to kernel memory corruption, crashes, or denial of service. In configurations that permit user‑space loading of BPF programs, a local attacker may be able to exploit this defect to execute code in kernel context or elevate privileges, but the description does not confirm a guaranteed code‑execution path.
Affected Systems
The vulnerability is present in all Linux kernel releases that lack the node_id validation patch. Any distribution shipping an unpatched kernel is susceptible until the update is applied. Specific distro names or kernel versions are not listed in the advisory, so all vulnerable kernels must be treated as affected.
Risk and Exploitability
The CVSS score of 7.8 classifies the issue as high severity. The EPSS score of less than 1% indicates a very low likelihood of exploitation at the present time. The vulnerability is not listed in the CISA KEV catalog, suggesting no widespread public exploits are known. The exploitation path requires a local attacker that can load BPF programs—typically a privileged operation, though it can be extended to other users depending on kernel configuration and system privileges.
OpenCVE Enrichment