CVE Catalog

CVE-2026-45932

HighCVSS 7.3
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.13%

3th percentile - higher than 3% of all known CVEs

Summary

A vulnerability in the Linux kernel has been fixed that allowed BPF_PROG_DETACH on tcx or netkit devices to be executed by any user when no program fd was provided. The fix adds a capability check for CAP_NET_ADMIN or CAP_SYS_ADMIN.

Risk Assessment

This vulnerability could lead to unauthorized access to network management functions, posing a risk to system integrity. Organizations could be exposed to attacks that might affect the security of their infrastructure.

Recommendation

It is recommended to update the Linux kernel to the latest version to eliminate this vulnerability. Additionally, an audit of user permissions in the system should be conducted.

Original NVD description (English source)

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix tcx/netkit detach permissions when prog fd isn't given This commit fixes a security issue where BPF_PROG_DETACH on tcx or netkit devices could be executed by any user when no program fd was provided, bypassing permission checks. The fix adds a capability check for CAP_NET_ADMIN or CAP_SYS_ADMIN in this case.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS