CVE-2026-43145

MEDIUM EPSS 2.4%
Published May 6, 20261mo ago · Modified Jun 17, 20262w ago
5.5 CVSS 3.1
Medium
Find Similar
Published May 6, 2026 1mo ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: remoteproc: imx_rproc: Fix invalid loaded resource table detection imx_rproc_elf_find_loaded_rsc_table() may incorrectly report a loaded resource table even when the current firmware does not provide one. When the device tree contains a "rsc-table" entry, priv->rsc_table is non-NULL and denotes where a resource table would be located if one is present in memory. However, when the current firmware has no resource table, rproc->table_ptr is NULL. The function still returns priv->rsc_table, and the remoteproc core interprets this as a valid loaded resource table. Fix this by returning NULL from imx_rproc_elf_find_loaded_rsc_table() when there is no resource table for the current firmware (i.e. when rproc->table_ptr is NULL). This aligns the function's semantics with the remoteproc core: a loaded resource table is only reported when a valid table_ptr exists. With this change, starting firmware without a resource table no longer triggers a crash.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
2.4% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-401

Affected Products 6

VendorProductVersionRange
linuxlinux_kernel*≥5.15.168  –  <5.15.202
linuxlinux_kernel*≥6.1.113  –  <6.1.165
linuxlinux_kernel*≥6.6.57  –  <6.6.128
linuxlinux_kernel*≥6.11.4  –  <6.12.75
linuxlinux_kernel*≥6.13  –  <6.18.16
linuxlinux_kernel*≥6.19  –  <6.19.6

References 7

  • git.kernel.org https://git.kernel.org/stable/c/198c629bd03863591f3fbf5ce8ff974a33f13dc9
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/26aa5295010ffaebcf8f1991c53fa7cf2ee1b20d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/500778df9e4c313190368908ff40c23948508e97
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/65379adf7d231c930572db45933ff4538f4c5128
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/91baf24d972ea3c04a75dd18821c03d223c0dbc0
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/9bd98d088f47153a81a6ec8162b4415c64aa7f39
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/fcec79b6a3649ae7b1f659267602ca402c240d6e
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/198c629bd03863591f3fbf5ce8ff974a33f13dc9
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/26aa5295010ffaebcf8f1991c53fa7cf2ee1b20d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/500778df9e4c313190368908ff40c23948508e97
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/65379adf7d231c930572db45933ff4538f4c5128
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/91baf24d972ea3c04a75dd18821c03d223c0dbc0
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/9bd98d088f47153a81a6ec8162b4415c64aa7f39
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/fcec79b6a3649ae7b1f659267602ca402c240d6e
    Patch