CVE-2026-45967

Published: May 27, 2026

Modified: May 27, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: bpf: Return proper address for non-zero offsets in insn array The map_direct_value_addr() function of the instruction array map incorrectly adds offset to the resulting address. This is a bug, because later the resolve_pseudo_ldimm64() function adds the offset. Fix it. Corresponding selftests are added in a consequent commit.

Vendor	Product	Versions
Linux	Linux	affected `493d9e0d608339a32f568504d5fd411a261bb0af - < 73ef43202a37d779a8e665a0acae214fa59df9fb` affected `493d9e0d608339a32f568504d5fd411a261bb0af - < e3bd7bdf5ffe49d8381e42843f6e98cd0c78a1e8`
Linux	Linux	affected `6.19` unaffected `0 - < 6.19` unaffected `6.19.4 - <= 6.19.` unaffected `7.0 - <= `

References

https://git.kernel.org/stable/c/73ef43202a37d779a8e665a0acae214fa59df9fb

https://git.kernel.org/stable/c/e3bd7bdf5ffe49d8381e42843f6e98cd0c78a1e8

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2026-45967

Description

Affected Products

References