NULL pointer dereference in Linux kernel - CVE-2026-43333
Published: May 9, 2026
Vulnerability identifier: #VU130843
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2026-43333
CWE-ID: CWE-476
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Linux Foundation
Affected software:
Linux kernel
Linux kernel
Detailed vulnerability description
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to improper access control in the BPF verifier check_mem_access() handling of PTR_TO_BUF pointers when processing direct memory access to nullable map iterator key and value pointers. A local user can trigger direct dereference of a NULL pointer to cause a denial of service.
The issue occurs on stop callbacks where map iterator ctx->key and ctx->value can be NULL.
How to mitigate CVE-2026-43333
Install security update from vendor's repository.
Sources
- https://git.kernel.org/stable/c/10bc4a4dcded509c5d5c67d497900c3922c604cd
- https://git.kernel.org/stable/c/21a10c06ffae24cb01fd174a7ab7736001d2ea56
- https://git.kernel.org/stable/c/4f6c99dc0420f1a3d671c1b8ab8a7ac84d9cba09
- https://git.kernel.org/stable/c/63276547debc4d8a73eefb2c5273b2a905c961b0
- https://git.kernel.org/stable/c/70abd9d118da2f56beb4ec22e3a29becae373535
- https://git.kernel.org/stable/c/8755066f7bd0f4ac46a29d1708c7b20894539252
- https://git.kernel.org/stable/c/b0db1accbc7395657c2b79db59fa9fae0d6656f3