CVE-2026-45876
Analyzed Analyzed - Analysis Complete

arm64/gcs Error Handling Fix in Linux Kernel

Vulnerability report for CVE-2026-45876, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-05-27

Last updated on: 2026-06-25

Assigner: kernel.org

Description

In the Linux kernel, the following vulnerability has been resolved: arm64/gcs: Fix error handling in arch_set_shadow_stack_status() alloc_gcs() returns an error-encoded pointer on failure, which comes from do_mmap(), not NULL. The current NULL check fails to detect errors, which could lead to using an invalid GCS address. Use IS_ERR_VALUE() to properly detect errors, consistent with the check in gcs_alloc_thread_stack().

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-05-27
Last Modified
2026-06-25
Generated
2026-07-07
AI Q&A
2026-05-27
EPSS Evaluated
2026-07-05
NVD
EUVD

Affected Vendors & Products

Showing 2 associated CPEs
Vendor Product Version / Range
linux linux_kernel From 6.13 (inc) to 6.18.14 (exc)
linux linux_kernel From 6.19 (inc) to 6.19.4 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-476 The product dereferences a pointer that it expects to be valid but is NULL.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability exists in the Linux kernel's arm64/gcs component, specifically in the function arch_set_shadow_stack_status().

The issue arises because alloc_gcs() returns an error-encoded pointer on failure, which originates from do_mmap(), rather than returning NULL.

However, the current code only checks for NULL to detect errors, which fails to identify these error pointers.

As a result, the system might use an invalid GCS (Generic Code Stack) address.

The fix involves using IS_ERR_VALUE() to properly detect error pointers, aligning with the error checking done in gcs_alloc_thread_stack().

Impact Analysis

If this vulnerability is exploited or triggered, it could lead to the use of invalid memory addresses related to the Generic Code Stack.

This could potentially cause system instability, crashes, or unpredictable behavior in the Linux kernel on affected arm64 systems.

Such instability might be leveraged by attackers to cause denial of service or other unintended effects.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-45876. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart