HIGHCVE-2026-43321Published 2026-05-08Modified 2026-05-11CNA Linux

CVE-2026-43321: bpf: Properly mark live registers for indirect jumps

In the Linux kernel, the following vulnerability has been resolved: bpf: Properly mark live registers for indirect jumps For a `gotox rX` instruction the rX register should be marked as used in the compute_insn_live_regs() function. Fix this.

CVSS v3.1: 7.8
Severity: HIGH
Fixed in: 0
Affected Products: 2

Fix available

06.19.67.07beae54111c34ca63357ef120e115889b915beb5d1aab1ca576c90192ba961094d51b0be6355a4d6

Affected packages

Linux / Linux
< 7beae54111c34ca63357ef120e115889b915beb5 (from 493d9e0d608339a32f568504d5fd411a261bb0af) · < d1aab1ca576c90192ba961094d51b0be6355a4d6 (from 493d9e0d608339a32f568504d5fd411a261bb0af)
Linux / Linux
6.19
Fixed in 0, 6.19.6, 7.0

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

git.kernel.org
git.kernel.org

Metrics

Fix available