CVE-2026-43463 PUBLISHED

rxrpc, afs: Fix missing error pointer check after rxrpc_kernel_lookup_peer()

Assigner: Linux
Reserved: 01.05.2026 Published: 08.05.2026 Updated: 08.05.2026

In the Linux kernel, the following vulnerability has been resolved:

rxrpc, afs: Fix missing error pointer check after rxrpc_kernel_lookup_peer()

rxrpc_kernel_lookup_peer() can also return error pointers in addition to NULL, so just checking for NULL is not sufficient.

Fix this by:

(1) Changing rxrpc_kernel_lookup_peer() to return -ENOMEM rather than NULL on allocation failure.

(2) Making the callers in afs use IS_ERR() and PTR_ERR() to pass on the error code returned.

Product Status

Vendor Linux
Product Linux
Versions Default: unaffected
  • affected from 72904d7b9bfbf2dd146254edea93958bc35bbbfe to d55fa7cd4b19ba91b34b307d769c149e56ad0a75 (excl.)
  • affected from 72904d7b9bfbf2dd146254edea93958bc35bbbfe to 54331c5dcc6d97683d7ca2788e7ef9c9505e1477 (excl.)
  • affected from 72904d7b9bfbf2dd146254edea93958bc35bbbfe to 4245a79003adf30e67f8e9060915bd05cb31d142 (excl.)
  • Version 056fc740be000d39a7dba700a935f3bbfbc664e6 is affected
Vendor Linux
Product Linux
Versions Default: affected
  • Version 6.8 is affected
  • unaffected from 0 to 6.8 (excl.)
  • unaffected from 6.18.19 to 6.18.* (incl.)
  • unaffected from 6.19.9 to 6.19.* (incl.)
  • unaffected from 7.0 to * (incl.)

References