CVE-2026-45959

Source
https://cve.org/CVERecord?id=CVE-2026-45959
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-45959.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-45959
Downstream
Published
2026-05-27T12:18:16.039Z
Modified
2026-07-08T08:09:39.891341811Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
crypto: ccp - Fix a crash due to incorrect cleanup usage of kfree
Details

In the Linux kernel, the following vulnerability has been resolved:

crypto: ccp - Fix a crash due to incorrect cleanup usage of kfree

Annotating a local pointer variable, which will be assigned with the kmalloc-family functions, with the __cleanup(kfree) attribute will make the address of the local variable, rather than the address returned by kmalloc, passed to kfree directly and lead to a crash due to invalid deallocation of stack address. According to other places in the repo, the correct usage should be __free(kfree). The code coincidentally compiled because the parameter type void * of kfree is compatible with the desired type struct { ... } **.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/45xxx/CVE-2026-45959.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
a71475582ada92ba021852bf3c2b40ab3718549b
Fixed
9a3ace9b010ffd8c422c97844ae152f7c53d6b18
Fixed
90f9090e3e744a8fe3bb6fa0e61f577347728b0b
Fixed
d5abcc33ee76bc26d58b39dc1a097e43a99dd438

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-45959.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.17.0
Fixed
6.18.14
Type
ECOSYSTEM
Events
Introduced
6.19.0
Fixed
6.19.4

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-45959.json"