Updated: 2026-02-22 01:31:44.775339
Description:
In the Linux kernel, the following vulnerability has been resolved: bpf: Check validity of link->type in bpf_link_show_fdinfo() If a newly-added link type doesn't invoke BPF_LINK_TYPE(), accessing bpf_link_type_strs[link->type] may result in an out-of-bounds access. To spot such missed invocations early in the future, checking the validity of link->type in bpf_link_show_fdinfo() and emitting a warning when such invocations are missed.
| Links | NIST | CIRCL | RHEL | Ubuntu |
| Severity | Score | |
|---|---|---|
| CVSS Version 2.x | 0.0 | |
| CVSS Version 3.x | HIGH | 7.1 |
| OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
|---|---|---|---|---|---|---|---|---|
| Oracle Linux 7 ELS | kernel-uek | 5.4.17 | 7.1 | HIGH | Not Vulnerable | 2026-02-22 17:43:44 | ||
| RHEL 7 ELS | kernel | 3.10.0 | 7.1 | HIGH | Not Vulnerable | 2025-05-28 00:25:13 | ||
| Ubuntu 16.04 ELS | linux-hwe | 4.15.0 | 7.1 | HIGH | Not Vulnerable | 2025-01-21 00:20:51 | ||
| Ubuntu 16.04 ELS | linux | 4.4.0 | 7.1 | HIGH | Not Vulnerable | 2025-01-21 00:20:31 | ||
| Ubuntu 18.04 ELS | linux | 4.15.0 | 7.1 | HIGH | Not Vulnerable | 2025-01-21 00:20:31 |