CVE-2026-43109 — Vulnetix

CVE-2026-43109 PUBLISHED

In the Linux kernel, the following vulnerability has been resolved: x86: shadow stacks: proper error handling for mmap lock 김영민 reports that shstk_pop_sigframe() doesn't check for errors from mmap_read_lock_killable(), which is a silly oversight, and also shows that we haven't marked those functions with "__must_check", which would have immediately caught it. So let's fix both issues.

EPSS 0.02% · 6.7th percentile

Risk Scores

EPSS Score

0.02%

6.7th percentile

Affected Products

Vendor	Product	Versions
Linux	Linux	7.0, 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2, 6.18.24
linux	linux_kernel	0, 0, 0

Timeline

May 6, 2026 CVE Published
May 6, 2026 PoC Published
May 6, 2026 Security Advisory
May 17, 2026 CVE Updated
May 18, 2026 EPSS Score
May 19, 2026 EPSS Score
May 20, 2026 EPSS Score
May 21, 2026 EPSS Score
May 22, 2026 EPSS Score
May 23, 2026 EPSS Score
May 24, 2026 EPSS Score
May 25, 2026 EPSS Score

References

https://git.kernel.org/stable/c/c64cebcc5c4f223dbcbe7dcdf74908fc092a0aa4 url
https://git.kernel.org/stable/c/262b6d38a81d51b135db81e1f30c13d30e38feee url
https://git.kernel.org/stable/c/52f657e34d7b21b47434d9d8b26fa7f6778b63a0 url
https://nvd.nist.gov/vuln/detail/CVE-2026-43109 advisory

Open in Interactive Console →