SB20260528141 - Improper access control in Linux kernel bpf
Published: May 28, 2026
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 vulnerability.
1) Improper access control (CVE-ID: CVE-2026-45932)
CWE-ID: CWE-284 - Improper Access Control
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local user to bypass permission checks.
The vulnerability exists due to improper access control in BPF_PROG_DETACH for tcx or netkit devices when detaching a program without providing a program file descriptor. A local user can invoke the detach operation without the required capability checks to bypass permission checks.
The issue occurs only when no program file descriptor is supplied to the detach operation.
Remediation
Install update from vendor's website.