CVE-2026-45959
HighCVSS 7.8Exploitation Probability (EPSS)
Low risk3th percentile - higher than 3% of all known CVEs
Summary
A vulnerability in the Linux kernel has been fixed that could lead to system crashes due to incorrect usage of the cleanup function kfree. The issue stemmed from incorrectly annotating a local pointer variable, resulting in the wrong address being passed to kfree.
Risk Assessment
Organizations may experience system crashes, leading to downtime and potential data loss. Improper memory management may also pose additional security risks.
Recommendation
It is recommended to update the Linux kernel to the latest version to mitigate this vulnerability. Additionally, a code audit should be conducted to identify similar issues in other parts of the application.
Original NVD description (English source)
In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Fix a crash due to incorrect cleanup usage of kfree Annotating a local pointer variable, which will be assigned with the kmalloc-family functions, with the `__cleanup(kfree)` attribute will make the address of the local variable, rather than the address returned by kmalloc, passed to kfree directly and lead to a crash due to invalid deallocation of stack address. According to other places in the repo, the correct usage should be `__free(kfree)`. The code coincidentally compiled because the parameter type `void *` of kfree is compatible with the desired type `struct { ... } **`.

