7.8
CVE-2026-53092
- EPSS 0.13%
- Veröffentlicht 24.06.2026 16:30:31
- Zuletzt bearbeitet 06.07.2026 13:17:05
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
bpf: Fix linked reg delta tracking when src_reg == dst_reg
In the Linux kernel, the following vulnerability has been resolved:
bpf: Fix linked reg delta tracking when src_reg == dst_reg
Consider the case of rX += rX where src_reg and dst_reg are pointers to
the same bpf_reg_state in adjust_reg_min_max_vals(). The latter first
modifies the dst_reg in-place, and later in the delta tracking, the
subsequent is_reg_const(src_reg)/reg_const_value(src_reg) reads the
post-{add,sub} value instead of the original source.
This is problematic since it sets an incorrect delta, which sync_linked_regs()
then propagates to linked registers, thus creating a verifier-vs-runtime
mismatch. Fix it by just skipping this corner case.Daten sind bereitgestellt durch das CVE Programm von Authorized Data Publishers (ADP) (Unstrukturiert)
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 10
Default Statusaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 9
Default Statusaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 6
Default Statusunaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 7
Default Statusunaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 8
Default Statusunaffected
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.13% | 0.026 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | 6.4 | 0.5 | 5.9 |
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
|
CWE-393 Return of Wrong Status Code
A function or operation returns an incorrect return value or status code that does not indicate the true result of execution, causing the product to modify its behavior based on the incorrect result.
https://git.kernel.org/stable/c/d88e8e4a3b52bd5b2ff3eceba4b29d1b5506d066
https://git.kernel.org/stable/c/cc86a8b0a1c54d2bccf6f68cf49b82dea91b84de
https://git.kernel.org/stable/c/d7f14173c0d5866c3cae759dee560ad1bed10d2e
https://access.redhat.com/security/cve/CVE-2026-53092
https://bugzilla.redhat.com/show_bug.cgi?id=2492362
https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-53092.json