PT-2026-43833 · Linux+2 · Linux Kernel+2

CVE-2026-45966

·

Published

2026-05-27

·

Updated

2026-07-06

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions 6.17 through 6.17
Description A NULL pointer dereference occurs in the unix needs revalidation() function when receiving file descriptors via SCM RIGHTS. During socket setup or teardown, both the socket pointer and the socket's sk pointer can be NULL. The function attempts to access sock->sk->sk family without verifying if sock or sock->sk are NULL, leading to a kernel crash.
Recommendations Update the Linux kernel to a version where NULL checks for sock and sock->sk are implemented in the unix needs revalidation() function before accessing sk family.

Exploit

Fix

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-45966
USN-8374-1
USN-8508-1

Affected Products

Linuxmint
Linux Kernel
Ubuntu