CVE-2026-43463

Summary

In the Linux kernel, the following vulnerability has been resolved:

rxrpc, afs: Fix missing error pointer check after rxrpc_kernel_lookup_peer()

rxrpc_kernel_lookup_peer() can also return error pointers in addition to NULL, so just checking for NULL is not sufficient.

Fix this by:

(1) Changing rxrpc_kernel_lookup_peer() to return -ENOMEM rather than NULL on allocation failure.

(2) Making the callers in afs use IS_ERR() and PTR_ERR() to pass on the error code returned.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux72904d7b9bfbf2dd146254edea93958bc35bbbfe < d55fa7cd4b19ba91b34b307d769c149e56ad0a75affected
LinuxLinux72904d7b9bfbf2dd146254edea93958bc35bbbfe < 54331c5dcc6d97683d7ca2788e7ef9c9505e1477affected
LinuxLinux72904d7b9bfbf2dd146254edea93958bc35bbbfe < 4245a79003adf30e67f8e9060915bd05cb31d142affected
LinuxLinux056fc740be000d39a7dba700a935f3bbfbc664e6affected
LinuxLinux6.7.3 < 6.8affected
LinuxLinux6.8affected
LinuxLinux0 < 6.8unaffected
LinuxLinux6.18.19 <= 6.18.*unaffected
LinuxLinux6.19.9 <= 6.19.*unaffected
LinuxLinux7.0 <= *unaffected

Weaknesses

References