ebpf security

CVE-2026-45838 was published by NVD on May 27, 2026, after kernel.org assigned a Linux kernel BPF flaw in cgroup_storage_get_next_key() where incorrect end-of-list handling can copy data from an invalid internal pointer to userspace. The bug is not yet scored by NVD, which means defenders are...

CVE-2026-43009 is a Linux kernel eBPF verifier flaw disclosed by kernel.org on May 1, 2026, affecting versions from 5.12 through before 6.19.12 and scored 7.8 High because a local privileged user could potentially compromise confidentiality, integrity, and availability. The short version is that...

CVE-2026-43010 is a Linux kernel BPF vulnerability published by NVD on May 1, 2026, affecting kprobe.multi attachment handling where sleepable BPF programs could be accepted in atomic/RCU context and trigger a kernel availability failure. The bug is not a glamorous remote code execution...

In the Linux kernel, CVE-2026-31525 has exposed a subtle but serious correctness flaw in the BPF interpreter’s signed 32-bit division and modulo paths. The issue is not a classic memory corruption bug; it is a math bug with security consequences, triggered when the interpreter handles S32_MIN...

CVE-2026-23319 is a classic example of how a small-looking kernel lifetime bug can become a real security concern once concurrency enters the picture. The Linux kernel issue sits in the BPF trampoline path, where a use-after-free can emerge when bpf_trampoline_link_cgroup_shim races with delayed...