CVE Catalog

CVE-2026-45993

MediumCVSS 5.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.13%

3th percentile - higher than 3% of all known CVEs

Summary

A vulnerability has been identified in the Linux kernel related to the LoongArch architecture, concerning the syscall dispatch table. The lack of an array_index_nospec() boundary allows access to syscall function pointers beyond the allowed range.

Risk Assessment

This vulnerability could lead to unauthorized access to kernel functions, posing a serious threat to system integrity and user data.

Recommendation

It is recommended to update the Linux kernel to the latest version that includes fixes addressing this vulnerability.

Original NVD description (English source)

In the Linux kernel, the following vulnerability has been resolved: LoongArch: Add spectre boundry for syscall dispatch table The LoongArch syscall number is directly controlled by userspace, but does not have a array_index_nospec() boundry to prevent access past the syscall function pointer tables.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS