CVE-2026-45927 in LinuxИнформация

Сводка

по MITRE • 27.05.2026

In the Linux kernel, the following vulnerability has been resolved:

bpf: Require frozen map for calculating map hash

Currently, bpf_map_get_info_by_fd calculates and caches the hash of the map regardless of the map's frozen state.

This leads to a TOCTOU bug where userspace can call BPF_OBJ_GET_INFO_BY_FD to cache the hash and then modify the map contents before freezing.

Therefore, a trusted loader can be tricked into verifying the stale hash while loading the modified contents.

Fix this by returning -EPERM if the map is not frozen when the hash is requested. This ensures the hash is only generated for the final, immutable state of the map.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Ответственный

Linux

Резервировать

13.05.2026

Раскрытие

27.05.2026

Модерация

принято

Вход

VDB-366155

CPE

готов

CWE

CWE-367 (Подтверждённый)

CVSS

5.5 (VulDB)

EPSS

0.00022

KEV

Нет

Деятельности

Низкий

Сектор

Transportation, Finance, ...

Источники

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-45927
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-45927
CVE Details	https://www.cvedetails.com/cve/CVE-2026-45927/

◂ Предыдущий Обзор Далее ▸

Do you know our Splunk app?

Download it now for free!