Unrated severityNVD Advisory· Published Oct 28, 2025· Updated Apr 15, 2026

CVE-2025-40050

Description

In the Linux kernel, the following vulnerability has been resolved:

bpf: Skip scalar adjustment for BPF_NEG if dst is a pointer

In check_alu_op(), the verifier currently calls check_reg_arg() and adjust_scalar_min_max_vals() unconditionally for BPF_NEG operations. However, if the destination register holds a pointer, these scalar adjustments are unnecessary and potentially incorrect.

This patch adds a check to skip the adjustment logic when the destination register contains a pointer.

Affected products

Linux/Kernelllm-fuzzy

Patches

b9ef49632272

https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv

commit

34904582b502

https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv

commit

Vulnerability mechanics

Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	-0.070
ransomware	0.000