SB20260528141 - Improper access control in Linux kernel bpf



SB20260528141 - Improper access control in Linux kernel bpf

Published: May 28, 2026

Security Bulletin ID SB20260528141
CSH Severity
Low
Patch available
YES
Number of vulnerabilities 1
Exploitation vector Local access
Highest impact Data manipulation

Breakdown by Severity

Low 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 1 vulnerability.


1) Improper access control (CVE-ID: CVE-2026-45932)

CWE-ID: CWE-284 - Improper Access Control

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear


The vulnerability allows a local user to bypass permission checks.

The vulnerability exists due to improper access control in BPF_PROG_DETACH for tcx or netkit devices when detaching a program without providing a program file descriptor. A local user can invoke the detach operation without the required capability checks to bypass permission checks.

The issue occurs only when no program file descriptor is supplied to the detach operation.


Remediation

Install update from vendor's website.