What is GHSA-c8fp-ff95-66mv?

GHSA-c8fp-ff95-66mv is a security advisory published by GitHub Security Advisories with unknown severity. In the Linux kernel, the following vulnerability has been resolved: arm64/gcs: Fix error...

Which CVE IDs does GHSA-c8fp-ff95-66mv cover?

GHSA-c8fp-ff95-66mv covers the following CVE IDs: CVE-2026-45876. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

GHSA-c8fp-ff95-66mvunknown

In the Linux kernel, the following vulnerability has been resolved: arm64/gcs: Fix error...

Vendor

GitHub Security Advisories

Published

May 27, 2026

Last Modified

May 27, 2026

🔗 CVE IDs covered (1)

CVE-2026-45876 →

📋 Description

In the Linux kernel, the following vulnerability has been resolved:

arm64/gcs: Fix error handling in arch_set_shadow_stack_status()

alloc_gcs() returns an error-encoded pointer on failure, which comes from do_mmap(), not NULL.

The current NULL check fails to detect errors, which could lead to using an invalid GCS address.

Use IS_ERR_VALUE() to properly detect errors, consistent with the check in gcs_alloc_thread_stack().

🔗 References (5)

https://nvd.nist.gov/vuln/detail/CVE-2026-45876
https://git.kernel.org/stable/c/53c998527ffa60f9deda8974a11ad39790684159
https://git.kernel.org/stable/c/a4741114c9622346c4bbb8cc2bbd88153616ffaf
https://git.kernel.org/stable/c/c787a235deb33be6eda40beee8f561da5fd8cb8c
https://github.com/advisories/GHSA-c8fp-ff95-66mv