-
CVE-2026-53095
- EPSS 0.17%
- Veröffentlicht 24.06.2026 16:30:33
- Zuletzt bearbeitet 24.06.2026 17:17:23
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
bpf: Fix abuse of kprobe_write_ctx via freplace
In the Linux kernel, the following vulnerability has been resolved:
bpf: Fix abuse of kprobe_write_ctx via freplace
uprobe programs are allowed to modify struct pt_regs.
Since the actual program type of uprobe is KPROBE, it can be abused to
modify struct pt_regs via kprobe+freplace when the kprobe attaches to
kernel functions.
For example,
SEC("?kprobe")
int kprobe(struct pt_regs *regs)
{
return 0;
}
SEC("?freplace")
int freplace_kprobe(struct pt_regs *regs)
{
regs->di = 0;
return 0;
}
freplace_kprobe prog will attach to kprobe prog.
kprobe prog will attach to a kernel function.
Without this patch, when the kernel function runs, its first arg will
always be set as 0 via the freplace_kprobe prog.
To fix the abuse of kprobe_write_ctx=true via kprobe+freplace, disallow
attaching freplace programs on kprobe programs with different
kprobe_write_ctx values.Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerLinux
≫
Produkt
Linux
Default Statusunaffected
Version
7384893d970ea114952aef54ad7e3d7d2ca82d4f
Version <
b312cf41b9e43f442613053f6cad39898e1baf96
Status
affected
Version
7384893d970ea114952aef54ad7e3d7d2ca82d4f
Version <
9836cadbd96c7e0dbb0018fa60e7872dd31ac4f8
Status
affected
Version
7384893d970ea114952aef54ad7e3d7d2ca82d4f
Version <
611fe4b79af72d00d80f2223354284447daafae9
Status
affected
HerstellerLinux
≫
Produkt
Linux
Default Statusaffected
Version
6.18
Status
affected
Version
0
Version <
6.18
Status
unaffected
Version <=
6.18.*
Version
6.18.33
Status
unaffected
Version <=
7.0.*
Version
7.0.10
Status
unaffected
Version <=
*
Version
7.1
Status
unaffected
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.17% | 0.061 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|
https://git.kernel.org/stable/c/b312cf41b9e43f442613053f6cad39898e1baf96
https://git.kernel.org/stable/c/9836cadbd96c7e0dbb0018fa60e7872dd31ac4f8
https://git.kernel.org/stable/c/611fe4b79af72d00d80f2223354284447daafae9