bpf: fix end-of-list detection in cgroup_storage_get_next_key()

...

SUSE CVE-2026-45838

In the Linux kernel, the following vulnerability has been resolved: bpf: fix end-of-list detection in cgroupstoragegetnextkey listnextentry never returns NULL -- when the current element is the last entry it wraps to the list head via containerof. The subsequent NULL check is therefore dead code...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of listnextentry in cgroupstoragegetnextkey. This approach does not return NULL, potentially...

kernel: bpf: Fix out-of-bounds write in trie_get_next_key()

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix out-of-bounds write in triegetnextkey triegetnextkey allocates a node stack with size trie-maxprefixlen, while it writes trie-maxprefixlen + 1 nodes to the stack when it has full paths from the root to leaves. For exampl...