CVE-2026-45837

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A use-after-free issue exists in the arena vm close function during a fork operation. The arena vm open() function increments the vml->mmap count but fails to register the child Virtual Memory Area (VMA) in the arena->vma list. Consequently, the vml->vma continues to point to the parent VMA. If the parent performs a munmap, the pointer becomes dangling. A subsequent call to bpf arena free pages() by the child causes zap pages() to read the stale vml->vma, leading to a use-after-free condition.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.