HOMEVULNERABILITIESCVE-2026-45870
NONE

CVE-2026-45870

Published: May 27, 2026· Updated: May 27, 2026

Official Description

In the Linux kernel, the following vulnerability has been resolved:

SUNRPC: auth_gss: fix memory leaks in XDR decoding error paths

The gssx_dec_ctx(), gssx_dec_status(), and gssx_dec_name()

functions allocate memory via gssx_dec_buffer(), which calls

kmemdup(). When a subsequent decode operation fails, these

functions return immediately without freeing previously

allocated buffers, causing memory leaks.

The leak in gssx_dec_ctx() is particularly relevant because

the caller (gssp_accept_sec_context_upcall) initializes several

buffer length fields to non-zero values, resulting in memory

allocation:

struct gssx_ctx rctxh = {

.exported_context_token.len = GSSX_max_output_handle_sz,

.mech.len = GSS_OID_MAX_LEN,

.src_name.display_name.len = GSSX_max_princ_sz,

.targ_name.display_name.len = GSSX_max_princ_sz

};

If, for example, gssx_dec_name() succeeds for src_name but

fails for targ_name, the memory allocated for

exported_context_token, mech, and src_name.display_name

remains unreferenced and cannot be reclaimed.

Add error handling with goto-based cleanup to free any

previously allocated buffers before returning an error.

NVD Source

Technical Analysis

CVE-2026-45870 requires local access, meaning attackers must already have a foothold on the target system.

Exploitation requires some privileges, which limits the exposure to scenarios where an attacker has already gained initial access.

Affected Vendors & Products

Mentioned vendors (from description):
Linux
CPE data not yet available in NVD for this CVE.

Exploit & PoC Resources

NO KNOWN EXPLOITNo public exploit confirmed at this time
External links open in a new tab. Always verify in a controlled environment before use.

All References (8)

Quick Facts

CVE IDCVE-2026-45870
SeverityNONE
CISA KEVNo
PublishedMay 27, 2026

Recommended Actions

  • Apply vendor patches immediately
  • Monitor CVE-2026-45870 in threat intel feeds
  • Review IDS/IPS signatures for exploitation attempts
Data sourced from NVD (NIST), CISA KEV, and EPSS (FIRST). Analysis generated by CTIWATCH.COM. CVE data is provided under the NVD usage policy.