CVE-2025-29481 — Classic Buffer Overflow in Libbpf

CWE-120 — Classic Buffer Overflow CWE-122 — Heap-based Buffer Overflow6 documents6 sources

Severity

6.2MEDIUMNVD

EPSS

0.1%

top 75.50%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Libbpf Project Libbpf Debian Libbpf Msrc Azl3 BCC 0.29.1-3 ON Azure Linux 3.0 +4 more

Timeline

PublishedApr 7

Latest updateApr 8

Description

Buffer Overflow vulnerability in libbpf 1.5.0 allows a local attacker to execute arbitrary code via the bpf_object__init_prog` function of libbpf. This has been disputed by third parties who assert that "no one in their sane mind should be passing untrusted ELF files into libbpf while running under root."

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 2.5 | Impact: 3.6

Affected Packages8 packages

▶debiandebian/libbpf< libbpf 1.5.0-3 (forky)

▶Debianlibbpf_project/libbpf< 1.5.0-3+1

▶NVDlibbpf_project/libbpf1.5.0

▶msrcmsrc/azl3_libbpf_1.2.2-2_on_azure_linux_3.0

▶msrcmsrc/cbl2_libbpf_1.0.1-2_on_cbl_mariner_2.0

🔴Vulnerability Details

GHSA

GHSA-3ch3-mpx2-hj74: Buffer Overflow vulnerability in libbpf 1↗2025-04-07

▶

OSV

CVE-2025-29481: Buffer Overflow vulnerability in libbpf 1↗2025-04-07

▶

📋Vendor Advisories

Microsoft

Buffer Overflow vulnerability in libbpf 1.5.0 allows a local attacker to execute arbitrary code via the bpf_object__init_prog` function of libbpf.↗2025-04-08

▶

Red Hat

libbpf: Heap Buffer Overflow in libbpf↗2025-04-07

▶

Debian

CVE-2025-29481: libbpf - Buffer Overflow vulnerability in libbpf 1.5.0 allows a local attacker to execute...↗2025

▶