CVE-2026-45959
HIGH EPSS 2.7%
Published May 27, 20261mo ago · Modified Jun 17, 20261w ago
7.8 CVSS 3.1
Published May 27, 2026 1mo ago
Last Modified Jun 17, 2026 1w ago
Description
In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Fix a crash due to incorrect cleanup usage of kfree Annotating a local pointer variable, which will be assigned with the kmalloc-family functions, with the `__cleanup(kfree)` attribute will make the address of the local variable, rather than the address returned by kmalloc, passed to kfree directly and lead to a crash due to invalid deallocation of stack address. According to other places in the repo, the correct usage should be `__free(kfree)`. The code coincidentally compiled because the parameter type `void *` of kfree is compatible with the desired type `struct { ... } **`.
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High
Threat Intelligence
EPSS Exploit Probability
2.7% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Weaknesses 1
CWE-476 NULL Pointer Dereference Memory Safety
Affected Products 2
References 3
- git.kernel.org https://git.kernel.org/stable/c/90f9090e3e744a8fe3bb6fa0e61f577347728b0b
- git.kernel.org https://git.kernel.org/stable/c/9a3ace9b010ffd8c422c97844ae152f7c53d6b18
- git.kernel.org https://git.kernel.org/stable/c/d5abcc33ee76bc26d58b39dc1a097e43a99dd438
Remediation
- git.kernel.org https://git.kernel.org/stable/c/90f9090e3e744a8fe3bb6fa0e61f577347728b0b
- git.kernel.org https://git.kernel.org/stable/c/9a3ace9b010ffd8c422c97844ae152f7c53d6b18
- git.kernel.org https://git.kernel.org/stable/c/d5abcc33ee76bc26d58b39dc1a097e43a99dd438