CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

SUSE CVE•added 2026/05/28 3:56 a.m.•10 views

SUSE CVE-2026-45903

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix memory access flags in helper prototypes After commit 37cce22dbd51 "bpf: verifier: Refactor helper access type tracking", the verifier started relying on the access type flags in helper function prototypes to perform...

5.9AI score0.00198EPSS

RedhatCVE•added 2026/05/28 2:25 a.m.•13 views

CVE-2026-45903

A flaw was found in the Linux kernel's Berkeley Packet Filter BPF verifier. This vulnerability occurs because several BPF helper functions lack proper memory access flags, such as MEMRDONLY or MEMWRITE. Consequently, the verifier may incorrectly assume that buffer contents remain unchanged across...

6.7CVSS5.9AI score0.00198EPSS

RedhatCVE•added 2026/05/28 12:42 a.m.•11 views

CVE-2026-45933

A flaw was found in the Linux kernel's BPF Berkeley Packet Filter verifier. The synclinkedregs function fails to preserve the register ID during bounds propagation, which can lead to incorrect register state. This issue may allow a local attacker to trigger a 'division by zero' error, resulting i...

7.8CVSS5.8AI score0.00172EPSS

NVD•added 2026/05/27 2:17 p.m.•16 views

CVE-2026-45903

0.00198EPSS

Cvelist•added 2026/05/27 12:17 p.m.•39 views

CVE-2026-45903 bpf: Fix memory access flags in helper prototypes

0.00198EPSS

NVD•added 2026/05/27 11:16 a.m.•16 views

CVE-2026-45839

In the Linux kernel, the following vulnerability has been resolved: bpf: reject negative CO-RE accessor indices in bpfcoreparsespec CO-RE accessor strings are colon-separated indices that describe a path from a root BTF type to a target field, e.g. "0:1:2" walks through nested struct members...

0.00161EPSS

Exploits0References7

RedHat Linux•added 2026/05/19 9:4 a.m.•9 views

kernel: bpf: Do not include stack ptr register in precision backtracking bookkeeping

In the Linux kernel, the following vulnerability has been resolved: bpf: Do not include stack ptr register in precision backtracking bookkeeping Yi Lai reported an issue 1 where the following warning appears in kernel dmesg: 60.643604 verifier backtracking bug 60.643635 WARNING: CPU: 10 PID: 2315...

7.8CVSS6.3AI score0.00163EPSS

Exploits0References5

5.5CVSS5.3AI score0.00214EPSS

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: bpf: Skip invalid kfunc call in backtrackinsn The verifier skips invalid kfunc calls in checkkfunccall. Such calls would be caught by fixupkfunccall if they aren’t eliminated through dead code elimination. However, this can lead ...

5.5CVSS5.7AI score0.00157EPSS

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: bpf, verifier: Fixed a memory leak in array reallocation for stack state. If an error NULL is returned by krealloc, callers of reallocarray would set their allocation pointers to NULL. However, when an error occurs in krealloc, i...

Exploits0References1

AstraLinux•added 2026/05/03 11:59 p.m.•5 views

Astra Linux - уязвимость в linux

The bpf verifier in the Linux kernel failed to properly handle truncation of the mod32 destination register when the source register was known to be 0. A local attacker who had the ability to load bpf programs could exploit this vulnerability by performing out-of-bounds reads in kernel memory,...

7.8CVSS6.7AI score0.0061EPSS

7.8CVSS5.3AI score0.00221EPSS

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: bpf: Fixed an incorrect scalar handling in the maybeforkscalars function for BPFOR. The maybeforkscalars function is called for both BPFAND and BPFOR when the source operand is a constant. When dst has a signed range of -1, 0, it...

Exploits2References2

5.5CVSS6.3AI score0.00306EPSS

Astra Linux – Vulnerability in Linux

The kernel/bpf/verifier.c file in the Linux kernel, as of version 5.12.1, performs undesirable speculative loads. This leads to the disclosure of stack contents through side-channel attacks, known as CID-801c6058d14a. The main issue is that the BPF stack area is not properly protected against...

AstraLinux•added 2026/05/03 11:59 p.m.•5 views

Astra Linux – Vulnerability in Linux

A issue was discovered in the Linux kernel through version 5.11.x. The kernel/bpf/verifier.c file contains unwanted out-of-bounds speculation during pointer arithmetic operations, which allows for side-channel attacks that circumvent Spectre mitigations and extract sensitive information from kern...

5.5CVSS6.4AI score0.01071EPSS

RedhatCVE•added 2026/05/01 4:14 p.m.•2 views

CVE-2026-43009

A flaw was found in the Linux kernel's BPF Berkeley Packet Filter verifier. The verifier, responsible for ensuring the safety of BPF programs, incorrectly tracks the precision of atomic fetch operations. This error can lead to the verifier pruning execution paths that should not be considered...

7.8CVSS5.9AI score0.00134EPSS

Tenable Nessus•added 2026/04/22 12:0 a.m.•6 views

Linux Distros Unpatched Vulnerability : CVE-2026-31526

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: Fix exception exit lock checking for subprogs processbpfexitfull passes checklock = !curframe to checkresourceleak, which is false in cases when bpfthrow i...

5.5CVSS6AI score0.001EPSS

Positive Technologies•added 2026/04/22 12:0 a.m.•3 views

PT-2026-34431

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix exception exit lock checking for subprogs process bpf exit full passes check lock = !curframe to check resource leak, which is false in cases when bpf throw is called from a static subprog. This makes check resource leak...

5.6AI score0.001EPSS