In the Linux kernel, the following vulnerability has been resolved: arm64/gcs: Fix error...

CVE-2026-45876 → View on GitHub ↗ View on CVE.org ↗ View on NVD ↗

Description

In the Linux kernel, the following vulnerability has been resolved:

arm64/gcs: Fix error handling in arch_set_shadow_stack_status()

alloc_gcs() returns an error-encoded pointer on failure, which comes
from do_mmap(), not NULL.

The current NULL check fails to detect errors, which could lead to using
an invalid GCS address.

Use IS_ERR_VALUE() to properly detect errors, consistent with the
check in gcs_alloc_thread_stack().

Basic information

Type
unreviewed
Severity
unknown
Advisory on GitHub
Open advisory ↗
Repository advisory
Source code
Not specified
Published (advisory)
2026-05-27 15:33:14 UTC
Updated
2026-05-27 15:33:20 UTC
NVD published
2026-05-27 14:17:01 UTC

EPSS Score

Score Percentile
0.02% 4.32%

CVSS Scores

No CVSS scores in this advisory.

Identifiers

Type Value
GHSA GHSA-c8fp-ff95-66mv ↗
CVE CVE-2026-45876 ↗

References

cvelogic Threat Intelligence