CVE-2026-43070

*** Pendiente de traducción *** In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> bpf: Reset register ID for BPF_END value tracking<br /> <br /> When a register undergoes a BPF_END (byte swap) operation, its scalar<br /> value is mutated in-place. If this register previously shared a scalar ID<br /> with another register (e.g., after an `r1 = r0` assignment), this tie must<br /> be broken.<br /> <br /> Currently, the verifier misses resetting `dst_reg-&gt;id` to 0 for BPF_END.<br /> Consequently, if a conditional jump checks the swapped register, the<br /> verifier incorrectly propagates the learned bounds to the linked register,<br /> leading to false confidence in the linked register&amp;#39;s value and potentially<br /> allowing out-of-bounds memory accesses.<br /> <br /> Fix this by explicitly resetting `dst_reg-&gt;id` to 0 in the BPF_END case<br /> to break the scalar tie, similar to how BPF_NEG handles it via<br /> `__mark_reg_known`.