{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2026-45848","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2026-05-13T15:03:33.078Z","datePublished":"2026-05-27T12:15:12.310Z","dateUpdated":"2026-05-27T12:15:12.310Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-27T12:15:12.310Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\napparmor: fix NULL sock in aa_sock_file_perm\n\nDeal with the potential that sock and sock-sk can be NULL during\nsocket setup or teardown. This could lead to an oops. The fix for NULL\npointer dereference in __unix_needs_revalidation shows this is at\nleast possible for af_unix sockets. While the fix for af_unix sockets\napplies for newer mediation this is still the fall back path for older\naf_unix mediation and other sockets, so ensure it is covered."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["security/apparmor/net.c"],"versions":[{"version":"56974a6fcfef69ee0825bd66ed13e92070ac5224","lessThan":"68538ec34fcb4194c7961dc4eca6f5537fec8067","status":"affected","versionType":"git"},{"version":"56974a6fcfef69ee0825bd66ed13e92070ac5224","lessThan":"5121b7283f1c46e4c06b88b1dda7b064429d77de","status":"affected","versionType":"git"},{"version":"56974a6fcfef69ee0825bd66ed13e92070ac5224","lessThan":"c11b7c3280d000376e27ebfed17ec7046699eab4","status":"affected","versionType":"git"},{"version":"56974a6fcfef69ee0825bd66ed13e92070ac5224","lessThan":"0dc19bca22606f7a61d5988408f74e3ae0ef3486","status":"affected","versionType":"git"},{"version":"56974a6fcfef69ee0825bd66ed13e92070ac5224","lessThan":"3852eb9a0392eb435c03dcb47d581bcfe6a9a95b","status":"affected","versionType":"git"},{"version":"56974a6fcfef69ee0825bd66ed13e92070ac5224","lessThan":"ccb66a3c6c8f51b3ed1bc003b70bb9ff99e8d835","status":"affected","versionType":"git"},{"version":"56974a6fcfef69ee0825bd66ed13e92070ac5224","lessThan":"8a0ededbfcff74598f82f1d4b8ef9db28878b317","status":"affected","versionType":"git"},{"version":"56974a6fcfef69ee0825bd66ed13e92070ac5224","lessThan":"00b67657535dfea56e84d11492f5c0f61d0af297","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["security/apparmor/net.c"],"versions":[{"version":"4.17","status":"affected"},{"version":"0","lessThan":"4.17","status":"unaffected","versionType":"semver"},{"version":"5.10.252","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.202","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.165","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.6.128","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.12.75","lessThanOrEqual":"6.12.*","status":"unaffected","versionType":"semver"},{"version":"6.18.14","lessThanOrEqual":"6.18.*","status":"unaffected","versionType":"semver"},{"version":"6.19.4","lessThanOrEqual":"6.19.*","status":"unaffected","versionType":"semver"},{"version":"7.0","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.17","versionEndExcluding":"5.10.252"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.17","versionEndExcluding":"5.15.202"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.17","versionEndExcluding":"6.1.165"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.17","versionEndExcluding":"6.6.128"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.17","versionEndExcluding":"6.12.75"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.17","versionEndExcluding":"6.18.14"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.17","versionEndExcluding":"6.19.4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.17","versionEndExcluding":"7.0"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/68538ec34fcb4194c7961dc4eca6f5537fec8067"},{"url":"https://git.kernel.org/stable/c/5121b7283f1c46e4c06b88b1dda7b064429d77de"},{"url":"https://git.kernel.org/stable/c/c11b7c3280d000376e27ebfed17ec7046699eab4"},{"url":"https://git.kernel.org/stable/c/0dc19bca22606f7a61d5988408f74e3ae0ef3486"},{"url":"https://git.kernel.org/stable/c/3852eb9a0392eb435c03dcb47d581bcfe6a9a95b"},{"url":"https://git.kernel.org/stable/c/ccb66a3c6c8f51b3ed1bc003b70bb9ff99e8d835"},{"url":"https://git.kernel.org/stable/c/8a0ededbfcff74598f82f1d4b8ef9db28878b317"},{"url":"https://git.kernel.org/stable/c/00b67657535dfea56e84d11492f5c0f61d0af297"}],"title":"apparmor: fix NULL sock in aa_sock_file_perm","x_generator":{"engine":"bippy-1.2.0"}}}}