CVE-2026-43070 Overview
CVE-2026-43070 is a Linux kernel vulnerability in the Berkeley Packet Filter (BPF) verifier. The verifier fails to reset the destination register ID after a BPF_END byte-swap operation. When a register previously shared a scalar ID with another register through assignments such as r1 = r0, the verifier does not break this scalar tie after the byte swap. A subsequent conditional jump on the swapped register causes the verifier to incorrectly propagate learned bounds to the linked register. This false confidence in register state can permit out-of-bounds memory accesses inside BPF programs, undermining a core kernel sandboxing mechanism.
Critical Impact
A flaw in BPF verifier scalar ID tracking allows crafted BPF programs to bypass bounds checks and perform out-of-bounds memory access in the Linux kernel.
Affected Products
- Linux kernel versions containing the BPF verifier BPF_END handling logic prior to the referenced stable commits
- Distributions shipping vulnerable upstream Linux kernels with unprivileged BPF or eBPF program loading enabled
- Systems exposing BPF program loading to non-root users via capabilities such as CAP_BPF
Discovery Timeline
- 2026-05-05 - CVE-2026-43070 published to NVD
- 2026-05-06 - Last updated in NVD database
Technical Details for CVE-2026-43070
Vulnerability Analysis
The Linux kernel BPF verifier statically analyzes BPF programs before execution to ensure memory safety. As part of this analysis, it tracks scalar register values and assigns shared IDs to registers that hold equivalent values after assignments. When a conditional jump narrows the bounds of one register, the verifier propagates those refined bounds to all registers sharing the same scalar ID.
The BPF_END instruction performs an in-place byte swap on a register. This operation mutates the underlying scalar value, which means any prior equivalence with another register no longer holds. The verifier did not clear dst_reg->id after BPF_END, leaving the stale scalar ID intact. Attackers can craft instruction sequences that exploit this stale linkage to confuse the verifier about register bounds.
Root Cause
The root cause is missing state cleanup in the BPF verifier's handling of BPF_END. Unlike BPF_NEG, which uses __mark_reg_known and properly resets register tracking metadata, the BPF_END path mutates the scalar value without resetting dst_reg->id to 0. This omission breaks the invariant that registers sharing a scalar ID hold equivalent values.
Attack Vector
A local attacker with the ability to load BPF programs can construct a sequence that assigns one register to another, applies BPF_END to one of them, then performs a conditional jump that narrows bounds. The verifier propagates the narrowed bounds to the unrelated register, allowing subsequent memory accesses with attacker-influenced offsets to bypass verification. This produces out-of-bounds reads or writes within kernel context, providing a primitive for privilege escalation or information disclosure.
The issue is described in detail across the upstream stable kernel commits referenced for this CVE. See the Kernel Git Commit a3125bc for the canonical fix.
Detection Methods for CVE-2026-43070
Indicators of Compromise
- Unexpected loading of complex BPF programs by non-root users with CAP_BPF or CAP_SYS_ADMIN
- Kernel oops, panic, or KASAN reports referencing BPF verifier or interpreter code paths
- Unusual BPF program load failures followed by successful loads of slightly modified programs, suggesting verifier probing
Detection Strategies
- Audit bpf() syscall usage and program load events using kernel audit subsystem rules targeting BPF_PROG_LOAD
- Hunt for processes invoking bpf() from unexpected user contexts or container workloads
- Correlate BPF program load activity with subsequent kernel error messages or unexpected privilege changes
Monitoring Recommendations
- Enable Linux audit rules for the bpf syscall and forward events to a centralized log platform
- Monitor /sys/kernel/debug/tracing/ and dmesg output for verifier warnings on production hosts
- Track kernel version inventory across Linux fleets to confirm patched kernels are deployed
How to Mitigate CVE-2026-43070
Immediate Actions Required
- Apply the upstream stable kernel patches referenced in the commits 0d15c36, a17443a, and a3125bc once available from your distribution
- Restrict BPF program loading to trusted users by setting kernel.unprivileged_bpf_disabled=1 via sysctl
- Inventory hosts where workloads load BPF programs and prioritize patching of multi-tenant or container hosts
Patch Information
The fix resets dst_reg->id to 0 in the BPF_END case so that the scalar tie with any linked register is broken before bounds learned from later conditional jumps can propagate. The corrected behavior mirrors BPF_NEG, which uses __mark_reg_known to invalidate stale scalar IDs. Refer to Kernel Git Commit 0d15c36 and Kernel Git Commit a17443a for the backported stable kernel fixes.
Workarounds
- Disable unprivileged BPF program loading with sysctl -w kernel.unprivileged_bpf_disabled=1 and persist the setting in /etc/sysctl.d/
- Remove CAP_BPF from container and service contexts that do not require BPF program loading
- Use Linux Security Modules such as SELinux or AppArmor to restrict access to the bpf() syscall for untrusted workloads
# Configuration example
# Disable unprivileged BPF program loading persistently
echo 'kernel.unprivileged_bpf_disabled=1' | sudo tee /etc/sysctl.d/99-disable-unpriv-bpf.conf
sudo sysctl --system
# Verify the setting
sysctl kernel.unprivileged_bpf_disabled
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
