CVE-2026-43306
Published: May 8, 2026
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: bpf: crypto: Use the correct destructor kfunc type With CONFIG_CFI enabled, the kernel strictly enforces that indirect function calls use a function pointer type that matches the target function. I ran into the following type mismatch when running BPF self-tests: CFI failure at bpf_obj_free_fields+0x190/0x238 (target: bpf_crypto_ctx_release+0x0/0x94; expected type: 0xa488ebfc) Internal error: Oops - CFI: 00000000f2008228 [#1] SMP ... As bpf_crypto_ctx_release() is also used in BPF programs and using a void pointer as the argument would make the verifier unhappy, add a simple stub function with the correct type and register it as the destructor kfunc instead.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 3e1c6f35409f9e447bf37f64840f5b65576bfb78 - < 4e3e57dbf46dad3498f8c4219ce2dba756875962affected 3e1c6f35409f9e447bf37f64840f5b65576bfb78 - < 50d6fd69388cc7b05dce72f09080674dcede4ac9affected 3e1c6f35409f9e447bf37f64840f5b65576bfb78 - < 3979a550fe06b370d73647f59cf462fa525c9ec4affected 3e1c6f35409f9e447bf37f64840f5b65576bfb78 - < b40a5d724f29fc2eed23ff353808a9aae616b48a |
Linux | Linux | affected 6.10unaffected 0 - < 6.10unaffected 6.12.75 - <= 6.12.*unaffected 6.18.16 - <= 6.18.*unaffected 6.19.6 - <= 6.19.*+1 more versions |
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now