CVE-2026-45876
Status: Awaiting Analysis
arm64/gcs Error Handling Fix in Linux Kernel

Publication date: 2026-05-27

Last updated on: 2026-05-27

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved:

arm64/gcs: Fix error handling in arch_set_shadow_stack_status()

alloc_gcs() returns an error-encoded pointer on failure, which comes from do_mmap(), not NULL. The current NULL check fails to detect errors, which could lead to using an invalid GCS address.

Use IS_ERR_VALUE() to properly detect errors, consistent with the check in gcs_alloc_thread_stack().

Meta Information
Published: 2026-05-27
Last Modified: 2026-05-27
Generated: 2026-06-16
AI Q&A: 2026-05-27
EPSS Evaluated: 2026-06-15

Affected Vendors & Products
Showing 1 associated CPE

Vendor | Product | Version / Range
linux | linux_kernel | *

CWE ID: CWE-UNKNOWN

Executive Summary

This vulnerability exists in the Linux kernel's arm64/gcs component, specifically in the function arch_set_shadow_stack_status().

The issue arises because alloc_gcs() returns an error-encoded pointer on failure, which originates from do_mmap(), rather than returning NULL.

However, the current code only checks for NULL to detect errors, which fails to identify these error pointers.

As a result, the system might use an invalid GCS (Generic Code Stack) address.

The fix involves using IS_ERR_VALUE() to properly detect error pointers, aligning with the error checking done in gcs_alloc_thread_stack().
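
The failure mode described above, as an added example that is not kernel source: a simplified userspace model showing why a NULL check lets an error-encoded value through and how an IS_ERR_VALUE() check stops it. The names `task_model`, `model_alloc_gcs()`, `set_status_before()`, `set_status_after()` and the sample address are hypothetical stand-ins.

```c
#include <errno.h>
#include <stdio.h>

/* Mirrors the kernel's include/linux/err.h (minus unlikely()): the top
 * 4095 values of the address space encode negative errno codes. */
#define MAX_ERRNO 4095
#define IS_ERR_VALUE(x) ((unsigned long)(x) >= (unsigned long)-MAX_ERRNO)

struct task_model {              /* hypothetical per-task GCS state */
    unsigned long gcs_base;      /* 0 means "no GCS allocated" */
};

/* Hypothetical stand-in for alloc_gcs(): as with do_mmap(), failure is
 * a negative errno carried in the unsigned long result, never 0. */
static unsigned long model_alloc_gcs(int fail)
{
    if (fail)
        return (unsigned long)-ENOMEM;
    return 0x40000000UL;         /* constructed sample address */
}

/* "Before" pattern: the NULL check the description calls insufficient. */
static int set_status_before(struct task_model *t, int fail)
{
    unsigned long gcs = model_alloc_gcs(fail);
    if (!gcs)                    /* never true for an encoded errno */
        return -ENOMEM;
    t->gcs_base = gcs;           /* errno stored as if it were an address */
    return 0;
}

/* "After" pattern: IS_ERR_VALUE() recognises the encoded errno. */
static int set_status_after(struct task_model *t, int fail)
{
    unsigned long gcs = model_alloc_gcs(fail);
    if (IS_ERR_VALUE(gcs))
        return (int)(long)gcs;   /* model's choice: propagate the errno */
    t->gcs_base = gcs;
    return 0;
}

int main(void)
{
    struct task_model a = {0}, b = {0};
    int ra = set_status_before(&a, 1), rb = set_status_after(&b, 1);
    printf("before: ret=%d gcs_base=%#lx\n", ra, a.gcs_base);
    printf("after:  ret=%d gcs_base=%#lx\n", rb, b.gcs_base);
    return 0;
}
```

In the "before" path the caller sees success while `gcs_base` holds an errno value in the reserved top page of the address space, which is the invalid GCS address the description refers to.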

Impact Analysis

If this vulnerability is exploited or triggered, it could lead to the use of invalid memory addresses related to the Generic Code Stack.

This could potentially cause system instability, crashes, or unpredictable behavior in the Linux kernel on affected arm64 systems.

Such instability might be leveraged by attackers to cause denial of service or other unintended effects.
