What is CVE-2026-45838?

CVE-2026-45838 is a unscored severity Linux kernel vulnerability, affecting Linux kernel versions from 4.19 onward and patched in 5.10.258, 5.15.209, 6.1.175 and others. CVE-2026-45838 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

What is the CVSS score for CVE-2026-45838?

CVE-2026-45838 has a CVSS score of pending NVD analysis out of 10, rated awaiting scoring severity.

Is there a patch available for CVE-2026-45838?

Yes, CVE-2026-45838 has been patched. Fixed versions include 5.10.258, 5.15.209, 6.1.175 and others. If you are running Linux kernel 4.19 or later up to the fix versions, apply the relevant patch for your kernel branch.

Is CVE-2026-45838 actively exploited?

CVE-2026-45838 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

CVE-2026-45838

In the Linux kernel, the following vulnerability has been resolved: bpf: fix end-of-list detection in cgroup_storage_get_next_key() list_next_entry() never returns NULL -- when the current element is the last entry it wraps to the list head via container_of(). The subsequent NULL check is therefore dead code and get_next_key() never returns -ENOENT for the last element, instead reading storage->key from a bogus pointer that aliases internal map fields and copying the result to userspace. Replace it with list_entry_is_head() so the function correctly returns -ENOENT when there are no more entries.

Package Linux Kernel

Published 2026-05-27

Last modified 2026-06-01

Patch available

Yes

Affected versions

Linux kernel versions 4.19 and later are affected. Fixed in 5.10.258, 5.15.209, 6.1.175, 6.6.141, 6.12.91, 6.18.33, 7.0.10, 7.1-rc1 and their respective stable series.

Affected from

≥ 4.19

Fixed in

✓ 5.10.258 5.10.x ✓ 5.15.209 5.15.x ✓ 6.1.175 6.1.x ✓ 6.6.141 6.6.x ✓ 6.12.91 6.12.x ✓ 6.18.33 6.18.x ✓ 7.0.10 7.0.x ✓ 7.1-rc1

References

The following references provide additional information about CVE-2026-45838 including vendor advisories, patch commits, exploit details, and third-party analysis. Links are sourced from the NIST NVD database.

Kernel patch commit
https://git.kernel.org/stable/c/0f3d9dd5e1fd52b39e25328307c6a694e994ffe3
Patch
Kernel patch commit
https://git.kernel.org/stable/c/26d3339e465e54107bd85884341d1609c5300d6a
Patch
Kernel patch commit
https://git.kernel.org/stable/c/2c88b2d96e1d4d0c7c4589a4593d4cdee6d332d6
Patch

8 patch commits total View all on NVD

Frequently asked questions

What is CVE-2026-45838?

CVE-2026-45838 is a unscored severity Linux kernel vulnerability . It affects Linux kernel versions from 4.19 onward and has been patched in 5.10.258, 5.15.209, 6.1.175 and others. CVE-2026-45838 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.
Is there a patch available for CVE-2026-45838?

Yes — CVE-2026-45838 has been patched. Fixed versions include 5.10.258, 5.15.209, 6.1.175 and others. If you are running Linux kernel 4.19 or later up to the fix versions, apply the relevant patch for your kernel branch.
Is CVE-2026-45838 actively exploited?

No — CVE-2026-45838 has not been confirmed as actively exploited. It is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.