CVE-2026-43178

Source
https://cve.org/CVERecord?id=CVE-2026-43178
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-43178.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-43178
Downstream
Published
2026-05-06T11:27:51.524Z
Modified
2026-07-16T03:31:09.313675382Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
procfs: fix possible double mmput() in do_procmap_query()
Details

In the Linux kernel, the following vulnerability has been resolved:

procfs: fix possible double mmput() in doprocmapquery()

When user provides incorrectly sized buffer for build ID for PROCMAPQUERY we return with -ENAMETOOLONG error. After recent changes this condition happens later, after we unlocked mmaplock/per-VMA lock and did mmput(), so original goto out is now wrong and will double-mmput() mmstruct. Fix by jumping further to clean up only vmfile and name_buf.

Database specific
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/43xxx/CVE-2026-43178.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
b9b97e6aeb534315f9646b2090d1a5024c6a4e82
Fixed
f9fe092084cd04deea18747f58a2304026e76aaa
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
cbc03ce3e6ce7e21214c3f02218213574c1a2d08
Fixed
8adaff87db143583e08eec4f4e7788f1ef8af94d
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
b5cbacd7f86f4f62b8813688c8e73be94e8e1951
Fixed
90f5e87c9b75833b9ef3a4415b92c0247f28ab2f
Fixed
61dc9f776705d6db6847c101b98fa4f0e9eb6fa3
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
6.12.70
Fixed
6.12.75
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
6.18.10
Fixed
6.18.16

Affected versions

v6.*
v6.12.70
v6.12.71
v6.12.72
v6.12.73
v6.12.74
v6.18.10
v6.18.11
v6.18.12
v6.18.13
v6.18.14
v6.18.15

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-43178.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.12.75
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.18.16
Type
ECOSYSTEM
Events
Introduced
6.19.0
Fixed
6.19.6

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-43178.json"