CVE-2026-43010

In the Linux kernel, the following vulnerability has been resolved: bpf: Reject sleepable kprobemulti programs at attach time kprobe.multi programs run in atomic/RCU context and cannot sleep. However, bpfkprobemultilinkattach did not validate whether the program being attached had the sleepable...

CVE-2026-43010

CVE-2026-43010 : The Linux kernel fix addresses a bug where sleepable kprobe_multi programs could be attached in a non-sleepable context because bpf_kprobe_multi_link_attach() did not validate the sleepable flag. This allowed sleepable helpers (e.g., bpf_copy_from_user()) to be invoked from an at...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to validate the sleepable flag when the bpf kprobemulti program is attached, which could result in...

PT-2026-36427

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Linux kernel where bpf kprobe multi link attach fails to validate if a program being attached has the sleepable flag set. Because kprobe.multi programs operate...

CVE-2024-35860

CVE-2024-35860 affects the Linux kernel. The issue is a runtime dependency in bpf_link where, after the link’s refcnt hits zero, active BPF programs may still access link data. The patch adds two deallocation callbacks (synchronous and deferred) and makes bpf_link_free() schedule deallocation aft...