CVE-2026-45971
MediumCVSS 5.5Exploitation Probability (EPSS)
Low risk2th percentile - higher than 2% of all known CVEs
Summary
A vulnerability in the Linux kernel related to BPF programs has been resolved by limiting the size of BPF program signatures. Allowing larger sizes can lead to abuse, forcing the kernel into costly memory allocations.
Risk Assessment
Exploitation of this vulnerability may lead to system strain, potentially affecting its stability and performance. Organizations should be aware of potential attacks leveraging this flaw.
Recommendation
It is recommended to update the Linux kernel to the latest version to patch this vulnerability. Additionally, monitoring the use of BPF programs may help in detecting potential abuses.
Original NVD description (English source)
In the Linux kernel, the following vulnerability has been resolved: bpf: Limit bpf program signature size Practical BPF signatures are significantly smaller than KMALLOC_MAX_CACHE_SIZE Allowing larger sizes opens the door for abuse by passing excessive size values and forcing the kernel into expensive allocation paths (via kmalloc_large or vmalloc).

