CVE-2026-43306

MEDIUM EPSS 2.3%
Published May 8, 20261mo ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published May 8, 2026 1mo ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: bpf: crypto: Use the correct destructor kfunc type With CONFIG_CFI enabled, the kernel strictly enforces that indirect function calls use a function pointer type that matches the target function. I ran into the following type mismatch when running BPF self-tests: CFI failure at bpf_obj_free_fields+0x190/0x238 (target: bpf_crypto_ctx_release+0x0/0x94; expected type: 0xa488ebfc) Internal error: Oops - CFI: 00000000f2008228 [#1] SMP ... As bpf_crypto_ctx_release() is also used in BPF programs and using a void pointer as the argument would make the verifier unhappy, add a simple stub function with the correct type and register it as the destructor kfunc instead.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
2.3% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 3

VendorProductVersionRange
linuxlinux_kernel*≥6.10  –  <6.12.75
linuxlinux_kernel*≥6.13  –  <6.18.16
linuxlinux_kernel*≥6.19  –  <6.19.6

References 4

  • git.kernel.org https://git.kernel.org/stable/c/3979a550fe06b370d73647f59cf462fa525c9ec4
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/4e3e57dbf46dad3498f8c4219ce2dba756875962
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/50d6fd69388cc7b05dce72f09080674dcede4ac9
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b40a5d724f29fc2eed23ff353808a9aae616b48a
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/3979a550fe06b370d73647f59cf462fa525c9ec4
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/4e3e57dbf46dad3498f8c4219ce2dba756875962
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/50d6fd69388cc7b05dce72f09080674dcede4ac9
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b40a5d724f29fc2eed23ff353808a9aae616b48a
    Patch