In the Linux kernel, the following vulnerability has been resolved:
bpf: Send signals asynchronously if !preemptible
BPF programs can execute in all kinds of contexts and when a program
running in a non-preemptible context uses the bpf_send_signal() kfunc,
it will cause issues because this kfunc can sleep.
Change `irqs_disabled()` to `!preemptible()`.
CVE ID: CVE-2025-21728
Vendor: Linux, Linux
Product: Linux, Linux
EPSS Score: 0.05% (probability of being exploited)
EPSS Percentile: 10.65% (share of scored vulnerabilities with an equal or lower score)
EPSS Date: 2025-03-27 (when this score was calculated)