CVE-2026-45993
MediumCVSS 5.5Exploitation Probability (EPSS)
Low risk3th percentile - higher than 3% of all known CVEs
Summary
A vulnerability has been identified in the Linux kernel related to the LoongArch architecture, concerning the syscall dispatch table. The lack of an array_index_nospec() boundary allows access to syscall function pointers beyond the allowed range.
Risk Assessment
This vulnerability could lead to unauthorized access to kernel functions, posing a serious threat to system integrity and user data.
Recommendation
It is recommended to update the Linux kernel to the latest version that includes fixes addressing this vulnerability.
Original NVD description (English source)
In the Linux kernel, the following vulnerability has been resolved: LoongArch: Add spectre boundry for syscall dispatch table The LoongArch syscall number is directly controlled by userspace, but does not have a array_index_nospec() boundry to prevent access past the syscall function pointer tables.

