CVE Catalog

CVE-2026-45848

MediumCVSS 5.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.16%

6th percentile - higher than 6% of all known CVEs

Summary

In the Linux kernel, a vulnerability was found in the AppArmor module where the aa_sock_file_perm function does not check for NULL pointers for sock and sock->sk. This can lead to a NULL pointer dereference (oops) during socket setup or teardown, especially for af_unix sockets.

Risk Assessment

An attacker could exploit this vulnerability to cause a system crash (oops), leading to a denial of service (DoS) for processes using network sockets.

Recommendation

Immediately update the Linux kernel to a version containing the fix that adds NULL pointer checks for sock and sock->sk in the aa_sock_file_perm function.

Original NVD description (English source)

In the Linux kernel, the following vulnerability has been resolved: apparmor: fix NULL sock in aa_sock_file_perm Deal with the potential that sock and sock-sk can be NULL during socket setup or teardown. This could lead to an oops. The fix for NULL pointer dereference in __unix_needs_revalidation shows this is at least possible for af_unix sockets. While the fix for af_unix sockets applies for newer mediation this is still the fall back path for older af_unix mediation and other sockets, so ensure it is covered.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS