CVE-2026-45951 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a potential use-after-free of BTF object Refcounting in the check_pseudo_btf_id() function is incorrect: the __check_pseudo_btf_id() function might get called with a zero refcounted btf. Fix this, and patch related code accordingly. v3: rephrase a comment (AI) v2: fix a refcount leak introduced in v1 (AI)

PUBLISHED Reserved 2026-05-13 | Published 2026-05-27 | Updated 2026-05-30 | Assigner Linux

HIGH: 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Product status

Default status

unaffected

76145f7255326761dafb76721a785799d8a00d5f (git) before eac65c272f3b49021a843cba5107d63627395e0e

affected

76145f7255326761dafb76721a785799d8a00d5f (git) before 9ff46ffeecdb1802d6e26183177935b948a12e7f

affected

76145f7255326761dafb76721a785799d8a00d5f (git) before ccd2d799ed4467c07f5ee18c2f5c59bcc990822c

affected

Default status

affected

6.14

affected

Any version before 6.14

unaffected

6.18.14 (semver)

unaffected

6.19.4 (semver)

unaffected

7.0 (original_commit_for_fix)

unaffected

References

git.kernel.org/...c/eac65c272f3b49021a843cba5107d63627395e0e

git.kernel.org/...c/9ff46ffeecdb1802d6e26183177935b948a12e7f

git.kernel.org/...c/ccd2d799ed4467c07f5ee18c2f5c59bcc990822c

cve.org (CVE-2026-45951)

nvd.nist.gov (CVE-2026-45951)

Download JSON

help @ threatint.eu