7.8
CVE-2026-43438
- EPSS 0.01%
- Veröffentlicht 08.05.2026 14:22:07
- Zuletzt bearbeitet 12.05.2026 14:10:27
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
sched_ext: Remove redundant css_put() in scx_cgroup_init()
In the Linux kernel, the following vulnerability has been resolved: sched_ext: Remove redundant css_put() in scx_cgroup_init() The iterator css_for_each_descendant_pre() walks the cgroup hierarchy under cgroup_lock(). It does not increment the reference counts on yielded css structs. According to the cgroup documentation, css_put() should only be used to release a reference obtained via css_get() or css_tryget_online(). Since the iterator does not use either of these to acquire a reference, calling css_put() in the error path of scx_cgroup_init() causes a refcount underflow. Remove the unbalanced css_put() to prevent a potential Use-After-Free (UAF) vulnerability.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerLinux
≫
Produkt
Linux
Default Statusunaffected
Version
8195136669661fdfe54e9a8923c33b31c92fc1da
Version <
cc095cd305fddbe25a968e4a78436ff9476cf0f6
Status
affected
Version
8195136669661fdfe54e9a8923c33b31c92fc1da
Version <
6eaaa67d6998f6c30c462b140db8c062e07ec473
Status
affected
Version
8195136669661fdfe54e9a8923c33b31c92fc1da
Version <
bf50f3285eda8a0173625fcdb5f183f96e1008cd
Status
affected
Version
8195136669661fdfe54e9a8923c33b31c92fc1da
Version <
1336b579f6079fb8520be03624fcd9ba443c930b
Status
affected
HerstellerLinux
≫
Produkt
Linux
Default Statusaffected
Version
6.12
Status
affected
Version
0
Version <
6.12
Status
unaffected
Version <=
6.12.*
Version
6.12.78
Status
unaffected
Version <=
6.18.*
Version
6.18.19
Status
unaffected
Version <=
6.19.*
Version
6.19.9
Status
unaffected
Version <=
*
Version
7.0
Status
unaffected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.01% | 0.024 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|