CVE-2026-53095 - CERT CVE
ID CVE-2026-53095
Sažetak In the Linux kernel, the following vulnerability has been resolved: bpf: Fix abuse of kprobe_write_ctx via freplace uprobe programs are allowed to modify struct pt_regs. Since the actual program type of uprobe is KPROBE, it can be abused to modify struct pt_regs via kprobe+freplace when the kprobe attaches to kernel functions. For example, SEC("?kprobe") int kprobe(struct pt_regs *regs) { return 0; } SEC("?freplace") int freplace_kprobe(struct pt_regs *regs) { regs->di = 0; return 0; } freplace_kprobe prog will attach to kprobe prog. kprobe prog will attach to a kernel function. Without this patch, when the kernel function runs, its first arg will always be set as 0 via the freplace_kprobe prog. To fix the abuse of kprobe_write_ctx=true via kprobe+freplace, disallow attaching freplace programs on kprobe programs with different kprobe_write_ctx values.
Reference
CVSS
Base: 0.0
Impact: None
Exploitability:None
Pristup
VektorSloženostAutentikacija
None None None
Impact
PovjerljivostCjelovitostDostupnost
None None None
CVSS vektor None
Zadnje važnije ažuriranje 24-06-2026 - 17:17
Objavljeno 24-06-2026 - 17:17