CVE-2026-45884 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: apparmor: avoid per-cpu hold underflow in aa_get_buffer When aa_get_buffer() pulls from the per-cpu list it unconditionally decrements cache->hold. If hold reaches 0 while count is still non-zero, the unsigned decrement wraps to UINT_MAX. This keeps hold non-zero for a very long time, so aa_put_buffer() never returns buffers to the global list, which can starve other CPUs and force repeated kmalloc(aa_g_path_max) allocations. Guard the decrement so hold never underflows.

PUBLISHED Reserved 2026-05-13 | Published 2026-05-27 | Updated 2026-05-27 | Assigner Linux

Product status

Default status

unaffected

ea9bae12d02819556db63348db8bd8441eb316f2 (git) before 202824a1f89a9786c20a3d646a7c88d223abb1b2

affected

ea9bae12d02819556db63348db8bd8441eb316f2 (git) before 80c334acc6d0bee8605a358a33e69b4aea1ffb92

affected

ea9bae12d02819556db63348db8bd8441eb316f2 (git) before 4bcddd0f6b2e52b4c7b520e4d36a115caf5b7169

affected

ea9bae12d02819556db63348db8bd8441eb316f2 (git) before 640cf2f09575c9dc344b3f7be2498d31e3923ead

affected

Default status

affected

6.7

affected

Any version before 6.7

unaffected

6.12.75 (semver)

unaffected

6.18.14 (semver)

unaffected

6.19.4 (semver)

unaffected

7.0 (original_commit_for_fix)

unaffected

References

git.kernel.org/...c/202824a1f89a9786c20a3d646a7c88d223abb1b2

git.kernel.org/...c/80c334acc6d0bee8605a358a33e69b4aea1ffb92

git.kernel.org/...c/4bcddd0f6b2e52b4c7b520e4d36a115caf5b7169

git.kernel.org/...c/640cf2f09575c9dc344b3f7be2498d31e3923ead

cve.org (CVE-2026-45884)

nvd.nist.gov (CVE-2026-45884)

Download JSON

help @ threatint.eu