Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: bpf: crypto: Use the correct destructor kfunc type With CONFIG_CFI enabled, the kernel strictly enforces that indirect function calls use a function pointer type that matches the target function. I ran into the following type mismatch when running BPF self-tests: CFI failure at bpf_obj_free_fields+0x190/0x238 (target: bpf_crypto_ctx_release+0x0/0x94; expected type: 0xa488ebfc) Internal error: Oops - CFI: 00000000f2008228 [#1] SMP ... As bpf_crypto_ctx_release() is also used in BPF programs and using a void pointer as the argument would make the verifier unhappy, add a simple stub function with the correct type and register it as the destructor kfunc instead.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 6.10, < 6.12.75 |
References
- https://git.kernel.org/stable/c/3979a550fe06b370d73647f59cf462fa525c9ec4Patch
- https://git.kernel.org/stable/c/4e3e57dbf46dad3498f8c4219ce2dba756875962Patch
- https://git.kernel.org/stable/c/50d6fd69388cc7b05dce72f09080674dcede4ac9Patch
- https://git.kernel.org/stable/c/b40a5d724f29fc2eed23ff353808a9aae616b48aPatch
FAQ
What is CVE-2026-43306?
CVE-2026-43306 is a vulnerability with a CVSS score of 5.5 (MEDIUM). In the Linux kernel, the following vulnerability has been resolved: bpf: crypto: Use the correct destructor kfunc type With CONFIG_CFI enabled, the kernel strictly enforces that indirect function ca...
How severe is CVE-2026-43306?
CVE-2026-43306 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2026-43306?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.