CVE-2026-45848 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved:

apparmor: fix NULL sock in aa_sock_file_perm

Deal with the potential that sock and sock-sk can be NULL during
socket setup or teardown. This could lead to an oops. The fix for NULL
pointer dereference in __unix_needs_revalidation shows this is at
least possible for af_unix sockets. While the fix for af_unix sockets
applies for newer mediation this is still the fall back path for older
af_unix mediation and other sockets, so ensure it is covered.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00024.

Key SSVC decision points have not yet been added.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Linux

unaffected

Version	Status	Constraints
`56974a6fcfef69ee0825bd66ed13e92070ac5224`	affected	< 68538ec34fcb4194c7961dc4eca6f5537fec8067
`56974a6fcfef69ee0825bd66ed13e92070ac5224`	affected	< 5121b7283f1c46e4c06b88b1dda7b064429d77de
`56974a6fcfef69ee0825bd66ed13e92070ac5224`	affected	< c11b7c3280d000376e27ebfed17ec7046699eab4
`56974a6fcfef69ee0825bd66ed13e92070ac5224`	affected	< 0dc19bca22606f7a61d5988408f74e3ae0ef3486
`56974a6fcfef69ee0825bd66ed13e92070ac5224`	affected	< 3852eb9a0392eb435c03dcb47d581bcfe6a9a95b
`56974a6fcfef69ee0825bd66ed13e92070ac5224`	affected	< ccb66a3c6c8f51b3ed1bc003b70bb9ff99e8d835
`56974a6fcfef69ee0825bd66ed13e92070ac5224`	affected	< 8a0ededbfcff74598f82f1d4b8ef9db28878b317
`56974a6fcfef69ee0825bd66ed13e92070ac5224`	affected	< 00b67657535dfea56e84d11492f5c0f61d0af297

Linux

affected

Version	Status	Constraints
`4.17`	affected	—
`0`	unaffected	< 4.17
`5.10.252`	unaffected	≤ 5.10.*
`5.15.202`	unaffected	≤ 5.15.*
`6.1.165`	unaffected	≤ 6.1.*
`6.6.128`	unaffected	≤ 6.6.*
`6.12.75`	unaffected	≤ 6.12.*
`6.18.14`	unaffected	≤ 6.18.*
`6.19.4`	unaffected	≤ 6.19.*
`7.0`	unaffected	≤ *

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

Vendors	Products
Linux Subscribe	Linux Kernel Subscribe

Project Subscriptions

Vendors	Products
Linux Subscribe	Linux Kernel Subscribe

Advisories

Source	ID	Title
Debian DLA	DLA-4606-1	linux security update

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://git.kernel.org/stable/c/00b67657535dfea56e84d11492f5c0f61d0af297
https://git.kernel.org/stable/c/0dc19bca22606f7a61d5988408f74e3ae0ef3486
https://git.kernel.org/stable/c/3852eb9a0392eb435c03dcb47d581bcfe6a9a95b
https://git.kernel.org/stable/c/5121b7283f1c46e4c06b88b1dda7b064429d77de
https://git.kernel.org/stable/c/68538ec34fcb4194c7961dc4eca6f5537fec8067
https://git.kernel.org/stable/c/8a0ededbfcff74598f82f1d4b8ef9db28878b317
https://git.kernel.org/stable/c/c11b7c3280d000376e27ebfed17ec7046699eab4
https://git.kernel.org/stable/c/ccb66a3c6c8f51b3ed1bc003b70bb9ff99e8d835
https://lore.kernel.org/linux-cve-announce/2026052707-CVE-2026-45848-b001@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2026-45848
https://www.cve.org/CVERecord?id=CVE-2026-45848

History

Thu, 28 May 2026 12:15:00 +0000

Type	Values Removed	Values Added
References		https://lore.kernel.org/linux-cve-announce/2026052707-CVE-2026-45848-b001@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2026-45848 https://www.cve.org/CVERecord?id=CVE-2026-45848

Wed, 27 May 2026 16:15:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-476

Wed, 27 May 2026 14:15:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: apparmor: fix NULL sock in aa_sock_file_perm Deal with the potential that sock and sock-sk can be NULL during socket setup or teardown. This could lead to an oops. The fix for NULL pointer dereference in __unix_needs_revalidation shows this is at least possible for af_unix sockets. While the fix for af_unix sockets applies for newer mediation this is still the fall back path for older af_unix mediation and other sockets, so ensure it is covered.
Title		apparmor: fix NULL sock in aa_sock_file_perm
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/00b67657535dfea56e84d11492f5c0f61d0af297 https://git.kernel.org/stable/c/0dc19bca22606f7a61d5988408f74e3ae0ef3486 https://git.kernel.org/stable/c/3852eb9a0392eb435c03dcb47d581bcfe6a9a95b https://git.kernel.org/stable/c/5121b7283f1c46e4c06b88b1dda7b064429d77de https://git.kernel.org/stable/c/68538ec34fcb4194c7961dc4eca6f5537fec8067 https://git.kernel.org/stable/c/8a0ededbfcff74598f82f1d4b8ef9db28878b317 https://git.kernel.org/stable/c/c11b7c3280d000376e27ebfed17ec7046699eab4 https://git.kernel.org/stable/c/ccb66a3c6c8f51b3ed1bc003b70bb9ff99e8d835

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-05-27T12:15:12.310Z

Updated: 2026-05-27T12:15:12.310Z

Reserved: 2026-05-13T15:03:33.078Z

Link: CVE-2026-45848

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2026-05-27T14:16:56.700

Modified: 2026-05-27T14:48:31.480

Link: CVE-2026-45848

Redhat

Severity :

Publid Date: 2026-05-27T00:00:00Z

Links: CVE-2026-45848 - Bugzilla

OpenCVE Enrichment

Updated: 2026-05-27T16:30:36Z

Weaknesses

CWE-476

Project Subscriptions

Projects

JSON object

JSON object

JSON object

JSON object

JSON object