CVE-2025-68216

In the Linux kernel, the following vulnerability has been resolved:

LoongArch: BPF: Disable trampoline for kernel module function trace

The current LoongArch BPF trampoline implementation is incompatible with tracing functions in kernel modules. This causes several severe and user-visible problems:

• The bpf_selftests/module_attach test fails consistently.
• Kernel lockup when a BPF program is attached to a module function [1].
• Critical kernel modules like WireGuard experience traffic disruption when their functions are traced with fentry [2].

Given the severity and the potential for other unknown side-effects, it is safest to disable the feature entirely for now. This patch prevents the BPF subsystem from allowing trampoline attachments to kernel module functions on LoongArch.

This is a temporary mitigation until the core issues in the trampoline code for kernel module handling can be identified and fixed.

[root@fedora bpf]# ./testprogs -a moduleattach -v bpftestmod.ko is already unloaded. Loading bpftestmod.ko... Successfully loaded bpftestmod.ko. testmoduleattach:PASS:skelopen 0 nsec testmoduleattach:PASS:setattachtarget 0 nsec testmoduleattach:PASS:setattachtargetexplicit 0 nsec testmoduleattach:PASS:skelload 0 nsec libbpf: prog 'handlefentry': failed to attach: -ENOTSUPP libbpf: prog 'handlefentry': failed to auto-attach: -ENOTSUPP testmoduleattach:FAIL:skelattach skeleton attach failed: -524 Summary: 0/0 PASSED, 0 SKIPPED, 1 FAILED Successfully unloaded bpftestmod.ko.