CVE-2026-45971 PUBLISHED

bpf: Limit bpf program signature size

Assigner: Linux
Reserved: 13.05.2026 Published: 27.05.2026 Updated: 27.05.2026

In the Linux kernel, the following vulnerability has been resolved:

bpf: Limit bpf program signature size

Practical BPF signatures are significantly smaller than KMALLOC_MAX_CACHE_SIZE

Allowing larger sizes opens the door for abuse by passing excessive size values and forcing the kernel into expensive allocation paths (via kmalloc_large or vmalloc).

Product Status

Vendor	Linux
Product	Linux
Versions	Default: unaffected affected from 349271568303695f0ac3563af153d2b4542f6986 to 5835a077c6f5c565d525eaca9fac01572b97a9b9 (excl.) affected from 349271568303695f0ac3563af153d2b4542f6986 to eb8166c79097996396468a341de258a798789d36 (excl.) affected from 349271568303695f0ac3563af153d2b4542f6986 to ea1535e28bb3773fc0b3cbd1f3842b808016990c (excl.)

Vendor	Linux
Product	Linux
Versions	Default: affected Version 6.18 is affected unaffected from 0 to 6.18 (excl.) unaffected from 6.18.14 to 6.18.* (incl.) unaffected from 6.19.4 to 6.19.* (incl.) unaffected from 7.0 to * (incl.)

CVE-2026-45971 PUBLISHED

bpf: Limit bpf program signature size

Product Status

References