CVE-2026-45932

HIGH EPSS 3.2%
Published May 27, 20261mo ago · Modified Jun 17, 20261w ago
7.3 CVSS 3.1
High
Find Similar
Published May 27, 2026 1mo ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix tcx/netkit detach permissions when prog fd isn't given This commit fixes a security issue where BPF_PROG_DETACH on tcx or netkit devices could be executed by any user when no program fd was provided, bypassing permission checks. The fix adds a capability check for CAP_NET_ADMIN or CAP_SYS_ADMIN in this case.

CVSS Details

Base Score
7.3
Exploitability
1.8
Impact
5.5
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality Low
Integrity High
Availability High

Threat Intelligence

EPSS Exploit Probability
3.2% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

References 3

  • git.kernel.org https://git.kernel.org/stable/c/3f04cc1e5374da4c5e791ae010a06cfea7bacbe6
  • git.kernel.org https://git.kernel.org/stable/c/4e0772cded109c238411f2fac36ac39302758b81
  • git.kernel.org https://git.kernel.org/stable/c/ae23bc81ddf7c17b663c4ed1b21e35527b0a7131

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.