In the Linux kernel, the following vulnerability has been resolved:
bpf: Return proper address for non-zero offsets in insn array
The mapdirectvalueaddr() function of the instruction array map incorrectly adds offset to the resulting address. This is a bug, because later the resolvepseudo_ldimm64() function adds the offset. Fix it. Corresponding selftests are added in a consequent commit.
{
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/45xxx/CVE-2026-45967.json",
"cna_assigner": "Linux"
}