7.8

CVE-2026-53031

bpf: Validate node_id in arena_alloc_pages()

In the Linux kernel, the following vulnerability has been resolved:

bpf: Validate node_id in arena_alloc_pages()

arena_alloc_pages() accepts a plain int node_id and forwards it through
the entire allocation chain without any bounds checking.

Validate node_id before passing it down the allocation chain in
arena_alloc_pages().
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerLinux
Produkt Linux
Default Statusunaffected
Version 317460317a02a1af512697e6e964298dedd8a163
Version < 31d3b4b28e55835646d6829d60023f730dd34e85
Status affected
Version 317460317a02a1af512697e6e964298dedd8a163
Version < e15900888c09480a4c632bc598f1c5bd39bed6d6
Status affected
Version 317460317a02a1af512697e6e964298dedd8a163
Version < fb66e20130f95a93ffea1677252526a9e39170b2
Status affected
Version 317460317a02a1af512697e6e964298dedd8a163
Version < 2845989f2ebaf7848e4eccf9a779daf3156ea0a5
Status affected
HerstellerLinux
Produkt Linux
Default Statusaffected
Version 6.9
Status affected
Version 0
Version < 6.9
Status unaffected
Version <= 6.12.*
Version 6.12.91
Status unaffected
Version <= 6.18.*
Version 6.18.33
Status unaffected
Version <= 7.0.*
Version 7.0.10
Status unaffected
Version <= *
Version 7.1
Status unaffected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.13% 0.029
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
416baaa9-dc9f-4396-8d5f-8c081fb06d67 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://git.kernel.org/stable/c/31d3b4b28e55835646d6829d60023f730dd34e85
https://git.kernel.org/stable/c/e15900888c09480a4c632bc598f1c5bd39bed6d6
https://git.kernel.org/stable/c/fb66e20130f95a93ffea1677252526a9e39170b2
https://git.kernel.org/stable/c/2845989f2ebaf7848e4eccf9a779daf3156ea0a5