CVE-2025-29481
Published: April 9, 2025Last modified: June 6, 2025
Description
Buffer Overflow vulnerability in libbpf 1.5.0 allows a local attacker to execute arbitrary code via the bpf_object__init_prog` function of libbpf.
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score | 6.2 |
| Attack Vector | LOCAL |
| Attack complexity | LOW |
| Privileges required | NONE |
| User interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality | NONE |
| Integrity impact | NONE |
| Availability impact | HIGH |
| Vector | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Notes
https://github.com/libbpf/libbpf/issues/898 has more context. The CVE is disputed and may be revoked: > libbpf is meant to load BPF programs under root. It's a > highly-privileged operation, and libbpf is not meant, designed, and > actually explicitly discouraged from loading untrusted ELF files. As > such, this is just a normal bug fix, like lots of others. So let's > drop the CVE link as well. > > Again, no one in their sane mind should be passing untrusted ELF files > into libbpf while running under root. Period.
Status
| Product | Release | Package | Status |
|---|---|---|---|
| Alpaquita Linux | Stream | libbpf | Unknown (1.5.0-r0) |