CVE Catalog

CVE-2026-45971

MediumCVSS 5.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.12%

2th percentile - higher than 2% of all known CVEs

Summary

A vulnerability in the Linux kernel related to BPF programs has been resolved by limiting the size of BPF program signatures. Allowing larger sizes can lead to abuse, forcing the kernel into costly memory allocations.

Risk Assessment

Exploitation of this vulnerability may lead to system strain, potentially affecting its stability and performance. Organizations should be aware of potential attacks leveraging this flaw.

Recommendation

It is recommended to update the Linux kernel to the latest version to patch this vulnerability. Additionally, monitoring the use of BPF programs may help in detecting potential abuses.

Original NVD description (English source)

In the Linux kernel, the following vulnerability has been resolved: bpf: Limit bpf program signature size Practical BPF signatures are significantly smaller than KMALLOC_MAX_CACHE_SIZE Allowing larger sizes opens the door for abuse by passing excessive size values and forcing the kernel into expensive allocation paths (via kmalloc_large or vmalloc).

Vulnerability data from NVD (NIST) · CISA KEV · EPSS