CVE Catalog

CVE-2026-45959

HighCVSS 7.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.13%

3th percentile - higher than 3% of all known CVEs

Summary

A vulnerability in the Linux kernel has been fixed that could lead to system crashes due to incorrect usage of the cleanup function kfree. The issue stemmed from incorrectly annotating a local pointer variable, resulting in the wrong address being passed to kfree.

Risk Assessment

Organizations may experience system crashes, leading to downtime and potential data loss. Improper memory management may also pose additional security risks.

Recommendation

It is recommended to update the Linux kernel to the latest version to mitigate this vulnerability. Additionally, a code audit should be conducted to identify similar issues in other parts of the application.

Original NVD description (English source)

In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Fix a crash due to incorrect cleanup usage of kfree Annotating a local pointer variable, which will be assigned with the kmalloc-family functions, with the `__cleanup(kfree)` attribute will make the address of the local variable, rather than the address returned by kmalloc, passed to kfree directly and lead to a crash due to invalid deallocation of stack address. According to other places in the repo, the correct usage should be `__free(kfree)`. The code coincidentally compiled because the parameter type `void *` of kfree is compatible with the desired type `struct { ... } **`.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS