bpf: fix end-of-list detection in cgroup_storage_get_next_key()

...

CVE-2026-45838

A flaw was found in the Linux kernel. Specifically, within the Berkeley Packet Filter BPF component, an error in the cgroupstoragegetnextkey function's end-of-list detection mechanism can cause the system to read from an invalid memory location. This incorrect handling may lead to internal map...

CVE-2026-45838

In the Linux kernel, the following vulnerability has been resolved: bpf: fix end-of-list detection in cgroupstoragegetnextkey listnextentry never returns NULL -- when the current element is the last entry it wraps to the list head via containerof. The subsequent NULL check is therefore dead code...

UBUNTU-CVE-2026-45838

In the Linux kernel, the following vulnerability has been resolved: bpf: fix end-of-list detection in cgroupstoragegetnextkey listnextentry never returns NULL -- when the current element is the last entry it wraps to the list head via containerof. The subsequent NULL check is therefore dead code...

CVE-2026-45838 bpf: fix end-of-list detection in cgroup_storage_get_next_key()

In the Linux kernel, the following vulnerability has been resolved: bpf: fix end-of-list detection in cgroupstoragegetnextkey listnextentry never returns NULL -- when the current element is the last entry it wraps to the list head via containerof. The subsequent NULL check is therefore dead code...

EUVD-2026-32164

In the Linux kernel, the following vulnerability has been resolved: bpf: fix end-of-list detection in cgroupstoragegetnextkey listnextentry never returns NULL -- when the current element is the last entry it wraps to the list head via containerof. The subsequent NULL check is therefore dead code...

CVE-2026-45838

In the Linux kernel, the following vulnerability has been resolved: bpf: fix end-of-list detection in cgroupstoragegetnextkey listnextentry never returns NULL -- when the current element is the last entry it wraps to the list head via containerof. The subsequent NULL check is therefore dead code...

CVE-2026-45838

The CVE-2026-45838 entry concerns the Linux kernel BPF code: the function cgroup_storage_get_next_key() incorrectly handled end-of-list detection because list_next_entry() could wrap to the list head, making the subsequent NULL check dead code and causing -ENOENT not to be returned for the last e...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of listnextentry in cgroupstoragegetnextkey. This approach does not return NULL, potentially...

CVE-2026-45838

bpf: fix end-of-list detection in cgroupstoragegetnextkey...

Linux Distros Unpatched Vulnerability : CVE-2026-45838

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: fix end-of-list detection in cgroupstoragegetnextkey listnextentry never returns NULL -- when the current element is the last entry it wraps to the list he...

PT-2026-43672

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the cgroup storage get next key function within the bpf subsystem. The list next entry function does not return NULL; instead, when the current element is the last...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix deadlock when freeing cgroup storage The commit bc235cdb423a “bpf: Prevent deadlock from recursive bpftaskstorageget|delete” first introduced deadlock prevention for fentry/fexit programs attaching to bpftaskstorage...

Azure Linux 3.0 Security Update: kernel (CVE-2024-58088)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-58088 advisory. - In the Linux kernel, the following vulnerability has been resolved: bpf: Fix deadlock when freeing cgroup...

kernel: bpf: Fix deadlock when freeing cgroup storage

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix deadlock when freeing cgroup storage The following commit bc235cdb423a "bpf: Prevent deadlock from recursive bpftaskstorageget|delete" first introduced deadlock prevention for fentry/fexit programs attaching on...

kernel: bpf: Fix deadlock when freeing cgroup storage

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix deadlock when freeing cgroup storage The following commit bc235cdb423a "bpf: Prevent deadlock from recursive bpftaskstorageget|delete" first introduced deadlock prevention for fentry/fexit programs attaching on...

EUVD-2025-6397

Malicious code in bioql PyPI...

OESA-2025-2272 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: scsi: core: ufs: Fix a hang in the error handler. ufshcderrhandlingprepare calls ufshcdrpmgetsync. The latter function can only succeed if UFSHCDEHINPROGRESS is...

Linux Distros Unpatched Vulnerability : CVE-2025-38502

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: Fix oob access in cgroup local storage Lonial reported that an out-of-bounds access in cgroup local storage can be crafted via tail calls. Given two...

SUSE CVE-2025-38502

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix oob access in cgroup local storage Lonial reported that an out-of-bounds access in cgroup local storage can be crafted via tail calls. Given two programs each utilizing a cgroup local storage with a different value size,...