[PATCH v4 24/24] doc: add release notes for BPF validation fixes

[Marat Khalili]

Document hardening the BPF validator.

Signed-off-by: Marat Khalili <marat.khalili at huawei.com>
Acked-by: Konstantin Ananyev <konstantin.ananyev at huawei.com>
---
 doc/guides/rel_notes/release_26_07.rst | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/doc/guides/rel_notes/release_26_07.rst b/doc/guides/rel_notes/release_26_07.rst
index 8471966a4992..9376e7acad24 100644
--- a/doc/guides/rel_notes/release_26_07.rst
+++ b/doc/guides/rel_notes/release_26_07.rst
@@ -164,7 +164,7 @@ New Features
     for installing already loaded BPF programs as port callbacks
     (as opposed to loading them directly from ELF files).
 
-* **Added BPF validation debugging API.**
+* **Added BPF validation debugging API and hardened BPF validator.**
 
   * Introduced a new set of APIs (prefixed with ``rte_bpf_validate_debug_``) to
     introspect the BPF validator. This provides a mechanism to set breakpoints
@@ -172,6 +172,10 @@ New Features
     (such as tracked register bounds). This API is crucial primarily for writing
     comprehensive tests for the validator, but also serves as a foundation for a
     future interactive eBPF validation debugger.
+  * Fixed numerous bugs in the BPF validator's abstract interpretation logic,
+    including incorrect bounds tracking for jumps and arithmetic operations, as
+    well as fixing several instances of undefined behavior (UB) when verifying
+    malicious or corrupt programs.
 
 * **Added AI review helpers.**
 
-- 
2.43.0