-
CVE-2026-53084
- EPSS 0.16%
- Veröffentlicht 24.06.2026 16:30:24
- Zuletzt bearbeitet 24.06.2026 17:17:22
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
bpf: return VMA snapshot from task_vma iterator
In the Linux kernel, the following vulnerability has been resolved: bpf: return VMA snapshot from task_vma iterator Holding the per-VMA lock across the BPF program body creates a lock ordering problem when helpers acquire locks that depend on mmap_lock: vm_lock -> i_rwsem -> mmap_lock -> vm_lock Snapshot the VMA under the per-VMA lock in _next() via memcpy(), then drop the lock before returning. The BPF program accesses only the snapshot. The verifier only trusts vm_mm and vm_file pointers (see BTF_TYPE_SAFE_TRUSTED_OR_NULL in verifier.c). vm_file is reference- counted with get_file() under the lock and released via fput() on the next iteration or in _destroy(). vm_mm is already correct because lock_vma_under_rcu() verifies vma->vm_mm == mm. All other pointers are left as-is by memcpy() since the verifier treats them as untrusted.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerLinux
≫
Produkt
Linux
Default Statusunaffected
Version
4ac4546821584736798aaa9e97da9f6eaf689ea3
Version <
83b8802c034e843b83a3e1ef6f30cdd4e9ec291c
Status
affected
Version
4ac4546821584736798aaa9e97da9f6eaf689ea3
Version <
592226d138378601ae28eb890e2bbc23ec3600f7
Status
affected
Version
4ac4546821584736798aaa9e97da9f6eaf689ea3
Version <
13860ca37b8df0b856ee1ce3bdbd7c327d5f53e8
Status
affected
Version
4ac4546821584736798aaa9e97da9f6eaf689ea3
Version <
4cbee026db54cad39c39db4d356100cb133412b3
Status
affected
HerstellerLinux
≫
Produkt
Linux
Default Statusaffected
Version
6.7
Status
affected
Version
0
Version <
6.7
Status
unaffected
Version <=
6.12.*
Version
6.12.91
Status
unaffected
Version <=
6.18.*
Version
6.18.33
Status
unaffected
Version <=
7.0.*
Version
7.0.10
Status
unaffected
Version <=
*
Version
7.1
Status
unaffected
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.16% | 0.051 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|
https://git.kernel.org/stable/c/83b8802c034e843b83a3e1ef6f30cdd4e9ec291c
https://git.kernel.org/stable/c/592226d138378601ae28eb890e2bbc23ec3600f7
https://git.kernel.org/stable/c/13860ca37b8df0b856ee1ce3bdbd7c327d5f53e8
https://git.kernel.org/stable/c/4cbee026db54cad39c39db4d356100cb133412b3