CVE-2025-71129

Published: January 18, 2026Last modified: January 18, 2026

Description

In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: Sign extend kfunc call arguments The kfunc calls are native calls so they should follow LoongArch calling conventions. Sign extend its arguments properly to avoid kernel panic. This is done by adding a new emit_abi_ext() helper. The emit_abi_ext() helper performs extension in place meaning a value already store in the target register (Note: this is different from the existing sign_extend() helper and thus we can't reuse it).

Status

Product	Release	Package	Status
Alpaquita Linux	23 LTS	linux-lts	Vulnerable (6.1.159-r0)
	25 LTS	linux-lts	Fixed (6.12.65-r0)
	Stream	linux-lts	Fixed (6.12.65-r0)

References

https://git.kernel.org/stable/c/0d666db731e95890e0eda7ea61bc925fd2be90c6
https://git.kernel.org/stable/c/321993a874f571a94b5a596f1132f798c663b56e
https://git.kernel.org/stable/c/3f5a238f24d7b75f9efe324d3539ad388f58536e
https://git.kernel.org/stable/c/fd43edf357a3a1f5ed1c4bf450b60001c9091c39