bpf: Fix constant blinding for PROBE_MEM32 stores

Description

A vulnerability described as critical has been identified in Linux Kernel up to 6.12.79/6.18.20/6.19.10/7.0-rc4. The impacted element is the function bpf_jit_blind_insn of the component bpf. Executing a manipulation can lead to privilege escalation. This vulnerability is handled as CVE-2026-23417. The attack can only be done within the local network. Upgrading the affected component is recommended.

Affected Products

Vendor	Product	Versions
linux	linux kernel	6082b6c328b5486da2b356eae94b8b83c98b5565, 6082b6c328b5486da2b356eae94b8b83c98b5565, 6082b6c328b5486da2b356eae94b8b83c98b5565, 6082b6c328b5486da2b356eae94b8b83c98b5565, 6.9, 6.12.79, 6.18.20, 6.19.10, 7.0-rc4

References

Related News (1 articles)

Tier C

VulDB4h ago

CVE-2026-23417 | Linux Kernel up to 6.12.79/6.18.20/6.19.10/7.0-rc4 bpf bpf_jit_blind_insn privilege escalation

→ No new info (linked only)

CISA KEV❌ No

Actively exploited✅ Yes

Patch available

56af722756ed82fee2ae5d5b4d04743407506195ccbf29b28b5554f9d65b2fb53b994673ad58b3bfde641ea08f8fff6906e169d2576c2ac54e562fbb2321a9596d2260310267622e0ad8fbfa6f95378f06.12.806.18.216.19.117.0-rc5

PublishedApr 2, 2026

Last enriched4h agov2

Trending Score49

Source articles1

Independent1

Info Completeness7/14

Missing: cvss, epss, cwe, kev, exploit, iocs, mitre_attack