CVE-2025-29481
Publication date 7 April 2025
Last updated 4 March 2026
Ubuntu priority
Description
Buffer Overflow vulnerability in libbpf 1.5.0 allows a local attacker to execute arbitrary code via the bpf_object__init_prog` function of libbpf. This has been disputed by third parties who assert that "no one in their sane mind should be passing untrusted ELF files into libbpf while running under root."
Read the notes from the security team
Why is this CVE negligible priority?
No security boundaries are crossed by this vulnerability
Status
| Package | Ubuntu Release | Status |
|---|---|---|
| dwarves-dfsg | 25.10 questing | Not in release |
| 24.04 LTS noble | Not in release | |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal |
Vulnerable
|
|
| 18.04 LTS bionic |
Vulnerable
|
|
| 16.04 LTS xenial |
Vulnerable
|
|
| libbpf | 25.10 questing |
Not affected
|
| 24.04 LTS noble |
Vulnerable
|
|
| 22.04 LTS jammy |
Vulnerable
|
|
| 20.04 LTS focal |
Vulnerable
|
Notes
0xnishit
dwarves-dfsg embedded statically linked copy of libbpf 0.4
mdeslaur
Per this upstream thread, the security implication of this issue is disputed, so this CVE is likely to get disputed also: https://lore.kernel.org/bpf/CAEf4Bzb2S+1TonOp9UH86r0e6aGG2LEA4kwbQhJWr=9Xju=NEw@mail.gmail.com/ https://lore.kernel.org/bpf/67b2be76-e1db-4163-995c-57073f127d7a@redhat.com/ A fix is available, but downgrading priority to negligible as using libbpf is a privileged operation so no security boundaries are crossed
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score |
6.2 · Medium
|
| Attack vector | Local |
| Attack complexity | Low |
| Privileges required | None |
| User interaction | None |
| Scope | Unchanged |
| Confidentiality | None |
| Integrity impact | None |
| Availability impact | High |
| Vector | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |