CVE-2026-43150

HIGH EPSS 3.6%
Published May 6, 20261mo ago · Modified Jun 17, 20262w ago
7.8 CVSS 3.1
High
Find Similar
Published May 6, 2026 1mo ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: perf/arm-cmn: Reject unsupported hardware configurations So far we've been fairly lax about accepting both unknown CMN models (at least with a warning), and unknown revisions of those which we do know, as although things do frequently change between releases, typically enough remains the same to be somewhat useful for at least some basic bringup checks. However, we also make assumptions of the maximum supported sizes and numbers of things in various places, and there's no guarantee that something new might not be bigger and lead to nasty array overflows. Make sure we only try to run on things that actually match our assumptions and so will not risk memory corruption. We have at least always failed on completely unknown node types, so update that error message for clarity and consistency too.

CVSS Details

Base Score
7.8
Exploitability
1.8
Impact
5.9
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High

Threat Intelligence

EPSS Exploit Probability
3.6% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-787 Out-of-bounds Write Memory Safety

Affected Products 5

VendorProductVersionRange
linuxlinux_kernel*≥6.1.63  –  <6.1.165
linuxlinux_kernel*≥6.5  –  <6.6.128
linuxlinux_kernel*≥6.7  –  <6.12.75
linuxlinux_kernel*≥6.13  –  <6.18.16
linuxlinux_kernel*≥6.19  –  <6.19.6

References 6

  • git.kernel.org https://git.kernel.org/stable/c/00d69f21ef2ab00e6156c764d89e2b3539eb2f33
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/08c7eadd8a934a1968e1aeeee8b61b853b99fb3a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/36c0de02575ce59dfd879eb4ef63d53a68bbf9ce
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7e2c200010aa93fa78201da959b4ac6b9f8fed0b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a251d866f50b6a4c95901fa722025065679c2eca
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d3e837e11ee9ed08df229272319199003ba00379
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/00d69f21ef2ab00e6156c764d89e2b3539eb2f33
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/08c7eadd8a934a1968e1aeeee8b61b853b99fb3a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/36c0de02575ce59dfd879eb4ef63d53a68bbf9ce
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7e2c200010aa93fa78201da959b4ac6b9f8fed0b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a251d866f50b6a4c95901fa722025065679c2eca
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d3e837e11ee9ed08df229272319199003ba00379
    Patch