CVE-2026-45876 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: arm64/gcs: Fix error handling in arch_set_shadow_stack_status() alloc_gcs() returns an error-encoded pointer on failure, which comes from do_mmap(), not NULL. The current NULL check fails to detect errors, which could lead to using an invalid GCS address. Use IS_ERR_VALUE() to properly detect errors, consistent with the check in gcs_alloc_thread_stack().

PUBLISHED Reserved 2026-05-13 | Published 2026-05-27 | Updated 2026-05-27 | Assigner Linux

Product status

Default status

unaffected

b57180c75c7ebff6613886cb69ef6e283a10358b (git) before c787a235deb33be6eda40beee8f561da5fd8cb8c

affected

b57180c75c7ebff6613886cb69ef6e283a10358b (git) before a4741114c9622346c4bbb8cc2bbd88153616ffaf

affected

b57180c75c7ebff6613886cb69ef6e283a10358b (git) before 53c998527ffa60f9deda8974a11ad39790684159

affected

Default status

affected

6.13

affected

Any version before 6.13

unaffected

6.18.14 (semver)

unaffected

6.19.4 (semver)

unaffected

7.0 (original_commit_for_fix)

unaffected

References

git.kernel.org/...c/c787a235deb33be6eda40beee8f561da5fd8cb8c

git.kernel.org/...c/a4741114c9622346c4bbb8cc2bbd88153616ffaf

git.kernel.org/...c/53c998527ffa60f9deda8974a11ad39790684159

cve.org (CVE-2026-45876)

nvd.nist.gov (CVE-2026-45876)

Download JSON

help @ threatint.eu