7.1
CVE-2026-53076
- EPSS 0.12%
- Veröffentlicht 24.06.2026 16:30:17
- Zuletzt bearbeitet 28.06.2026 08:16:32
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
bpf: Fix OOB in pcpu_init_value
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix OOB in pcpu_init_value An out-of-bounds read occurs when copying element from a BPF_MAP_TYPE_CGROUP_STORAGE map to another pcpu map with the same value_size that is not rounded up to 8 bytes. The issue happens when: 1. A CGROUP_STORAGE map is created with value_size not aligned to 8 bytes (e.g., 4 bytes) 2. A pcpu map is created with the same value_size (e.g., 4 bytes) 3. Update element in 2 with data in 1 pcpu_init_value assumes that all sources are rounded up to 8 bytes, and invokes copy_map_value_long to make a data copy, However, the assumption doesn't stand since there are some cases where the source may not be rounded up to 8 bytes, e.g., CGROUP_STORAGE, skb->data. the verifier verifies exactly the size that the source claims, not the size rounded up to 8 bytes by kernel, an OOB happens when the source has only 4 bytes while the copy size(4) is rounded up to 8.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerLinux
≫
Produkt
Linux
Default Statusunaffected
Version
d3bec0138bfbe58606fc1d6f57a4cdc1a20218db
Version <
e19c5ed9f1922a6854073f8651a63fa7be26e9e9
Status
affected
Version
d3bec0138bfbe58606fc1d6f57a4cdc1a20218db
Version <
e0378419b0e20178b5d100b27c9cc7e51064202e
Status
affected
Version
d3bec0138bfbe58606fc1d6f57a4cdc1a20218db
Version <
6086079e6d1c32ba4c4b422612b8aebb1129a96c
Status
affected
Version
d3bec0138bfbe58606fc1d6f57a4cdc1a20218db
Version <
634a793d0e1c822412095d25a1338f8831ad894c
Status
affected
Version
d3bec0138bfbe58606fc1d6f57a4cdc1a20218db
Version <
576afddfee8d1108ee299bf10f581593540d1a36
Status
affected
Version
c602ad2b52dcbca5af08e5137bd5575c039b52e3
Status
affected
Version
ab68b940dd6f7b5f8e2557937162dcb8a0583a05
Status
affected
Version
5.4.78
Version <
5.5
Status
affected
Version
5.9.9
Version <
5.10
Status
affected
HerstellerLinux
≫
Produkt
Linux
Default Statusaffected
Version
5.10
Status
affected
Version
0
Version <
5.10
Status
unaffected
Version <=
6.6.*
Version
6.6.141
Status
unaffected
Version <=
6.12.*
Version
6.12.91
Status
unaffected
Version <=
6.18.*
Version
6.18.33
Status
unaffected
Version <=
7.0.*
Version
7.0.10
Status
unaffected
Version <=
*
Version
7.1
Status
unaffected
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.12% | 0.019 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | 7.1 | 1.8 | 5.2 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
|
https://git.kernel.org/stable/c/e19c5ed9f1922a6854073f8651a63fa7be26e9e9
https://git.kernel.org/stable/c/e0378419b0e20178b5d100b27c9cc7e51064202e
https://git.kernel.org/stable/c/6086079e6d1c32ba4c4b422612b8aebb1129a96c
https://git.kernel.org/stable/c/634a793d0e1c822412095d25a1338f8831ad894c
https://git.kernel.org/stable/c/576afddfee8d1108ee299bf10f581593540d1a36