CVE-2026-43333

Published: May 8, 2026

Modified: May 23, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved:

bpf: reject direct access to nullable PTR_TO_BUF pointers

check_mem_access() matches PTR_TO_BUF via base_type() which strips PTR_MAYBE_NULL, allowing direct dereference without a null check.

Map iterator ctx->key and ctx->value are PTR_TO_BUF | PTR_MAYBE_NULL. On stop callbacks these are NULL, causing a kernel NULL dereference.

Add a type_may_be_null() guard to the PTR_TO_BUF branch, matching the existing PTR_TO_BTF_ID pattern.

Vendor: Linux

Product: Linux

Versions:

affected: b453361384c2db1c703dacb806d5fd36aec4ceca - < 10bc4a4dcded509c5d5c67d497900c3922c604cd
affected: 20b2aff4bc15bda809f994761d5719827d66c0b4 - < 21a10c06ffae24cb01fd174a7ab7736001d2ea56
affected: 20b2aff4bc15bda809f994761d5719827d66c0b4 - < 8755066f7bd0f4ac46a29d1708c7b20894539252
affected: 20b2aff4bc15bda809f994761d5719827d66c0b4 - < 70abd9d118da2f56beb4ec22e3a29becae373535
affected: 20b2aff4bc15bda809f994761d5719827d66c0b4 - < 63276547debc4d8a73eefb2c5273b2a905c961b0

+5 more versions

Vendor: Linux

Product: Linux

Versions:

affected: 5.17
unaffected: 0 - < 5.17
unaffected: 5.15.203 - <= 5.15.*
unaffected: 6.1.168 - <= 6.1.*
unaffected: 6.6.134 - <= 6.6.*

+4 more versions
