CVE-2026-45951
7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
In the Linux kernel, the following vulnerability has been resolved:
bpf: Fix a potential use-after-free of BTF object
Refcounting in the check_pseudo_btf_id() function is incorrect: the __check_pseudo_btf_id() function might get called with a zero refcounted btf. Fix this, and patch related code accordingly.
v3: rephrase a comment (AI) v2: fix a refcount leak introduced in v1 (AI)
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 76145f7255326761dafb76721a785799d8a00d5f < eac65c272f3b49021a843cba5107d63627395e0e | affected |
| Linux | Linux | 76145f7255326761dafb76721a785799d8a00d5f < 9ff46ffeecdb1802d6e26183177935b948a12e7f | affected |
| Linux | Linux | 76145f7255326761dafb76721a785799d8a00d5f < ccd2d799ed4467c07f5ee18c2f5c59bcc990822c | affected |
| Linux | Linux | 6.14 | affected |
| Linux | Linux | 0 < 6.14 | unaffected |
| Linux | Linux | 6.18.14 <= 6.18.* | unaffected |
| Linux | Linux | 6.19.4 <= 6.19.* | unaffected |
| Linux | Linux | 7.0 <= * | unaffected |
Weaknesses
References
- https://git.kernel.org/stable/c/eac65c272f3b49021a843cba5107d63627395e0e
- https://git.kernel.org/stable/c/9ff46ffeecdb1802d6e26183177935b948a12e7f
- https://git.kernel.org/stable/c/ccd2d799ed4467c07f5ee18c2f5c59bcc990822c
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.