CVE-2026-45838

NONE EPSS 1.8%
Published May 27, 20261mo ago · Modified Jun 17, 20261w ago
Find Similar
Published May 27, 2026 1mo ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: bpf: fix end-of-list detection in cgroup_storage_get_next_key() list_next_entry() never returns NULL -- when the current element is the last entry it wraps to the list head via container_of(). The subsequent NULL check is therefore dead code and get_next_key() never returns -ENOENT for the last element, instead reading storage->key from a bogus pointer that aliases internal map fields and copying the result to userspace. Replace it with list_entry_is_head() so the function correctly returns -ENOENT when there are no more entries.

Threat Intelligence

EPSS Exploit Probability
1.8% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

References 8

  • git.kernel.org https://git.kernel.org/stable/c/0f3d9dd5e1fd52b39e25328307c6a694e994ffe3
  • git.kernel.org https://git.kernel.org/stable/c/26d3339e465e54107bd85884341d1609c5300d6a
  • git.kernel.org https://git.kernel.org/stable/c/2c88b2d96e1d4d0c7c4589a4593d4cdee6d332d6
  • git.kernel.org https://git.kernel.org/stable/c/32ce55d424395904986f5066f8755f6cb9993377
  • git.kernel.org https://git.kernel.org/stable/c/5828b9e5b272ecff7cf5d345128d3de7324117f7
  • git.kernel.org https://git.kernel.org/stable/c/85a2f30e40f7468db732f55659bc6318874f49af
  • git.kernel.org https://git.kernel.org/stable/c/b4b5a20bed82130da2f2818f04d52378952fbd0b
  • git.kernel.org https://git.kernel.org/stable/c/fc39753b7f92e09177777e9c648afe5aa3abb81f

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.