CVE-2026-45951 PUBLISHED

bpf: Fix a potential use-after-free of BTF object

Assigner: Linux
Reserved: 13.05.2026 Published: 27.05.2026 Updated: 27.05.2026

In the Linux kernel, the following vulnerability has been resolved:

bpf: Fix a potential use-after-free of BTF object

Refcounting in the check_pseudo_btf_id() function is incorrect: the __check_pseudo_btf_id() function might get called with a zero refcounted btf. Fix this, and patch related code accordingly.

v3: rephrase a comment (AI) v2: fix a refcount leak introduced in v1 (AI)

Product Status

Vendor	Linux
Product	Linux
Versions	Default: unaffected affected from 76145f7255326761dafb76721a785799d8a00d5f to eac65c272f3b49021a843cba5107d63627395e0e (excl.) affected from 76145f7255326761dafb76721a785799d8a00d5f to 9ff46ffeecdb1802d6e26183177935b948a12e7f (excl.) affected from 76145f7255326761dafb76721a785799d8a00d5f to ccd2d799ed4467c07f5ee18c2f5c59bcc990822c (excl.)

Vendor	Linux
Product	Linux
Versions	Default: affected Version 6.14 is affected unaffected from 0 to 6.14 (excl.) unaffected from 6.18.14 to 6.18.* (incl.) unaffected from 6.19.4 to 6.19.* (incl.) unaffected from 7.0 to * (incl.)

CVE-2026-45951 PUBLISHED

bpf: Fix a potential use-after-free of BTF object

Product Status

References