CVE-2026-43463

by Fred · 08/05/2026

In the Linux kernel, the following vulnerability has been resolved:

rxrpc, afs: Fix missing error pointer check after rxrpc_kernel_lookup_peer()

rxrpc_kernel_lookup_peer() can also return error pointers in addition to
NULL, so just checking for NULL is not sufficient.

Fix this by:

(1) Changing rxrpc_kernel_lookup_peer() to return -ENOMEM rather than NULL
on allocation failure.

(2) Making the callers in afs use IS_ERR() and PTR_ERR() to pass on the
error code returned.