CVE-2026-43240

MEDIUM EPSS 2.4%
Published May 6, 20261mo ago · Modified Jun 17, 20262w ago
5.5 CVSS 3.1
Medium
Find Similar
Published May 6, 2026 1mo ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: x86/kexec: add a sanity check on previous kernel's ima kexec buffer When the second-stage kernel is booted via kexec with a limiting command line such as "mem=<size>", the physical range that contains the carried over IMA measurement list may fall outside the truncated RAM leading to a kernel panic. BUG: unable to handle page fault for address: ffff97793ff47000 RIP: ima_restore_measurement_list+0xdc/0x45a #PF: error_code(0x0000) – not-present page Other architectures already validate the range with page_is_ram(), as done in commit cbf9c4b9617b ("of: check previous kernel's ima-kexec-buffer against memory bounds") do a similar check on x86. Without carrying the measurement list across kexec, the attestation would fail.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
2.4% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 5

VendorProductVersionRange
linuxlinux_kernel*≥6.0  –  <6.1.165
linuxlinux_kernel*≥6.2  –  <6.6.128
linuxlinux_kernel*≥6.7  –  <6.12.75
linuxlinux_kernel*≥6.13  –  <6.18.16
linuxlinux_kernel*≥6.19  –  <6.19.6

References 6

  • git.kernel.org https://git.kernel.org/stable/c/22e460b6333a5f818b042ac89201f8e735556f4a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/37f18915a261afe84dab462624ed829cddb77a9b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/4d7a8f5f28187e3d2958b2a134473da2665207e7
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c5489d04337b47e93c0623e8145fcba3f5739efd
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d4a132f121c591b60dbaf57ea91f1faf11631fbc
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f8f73bf0f8a57ee9b86792456bd42079bc98c6b7
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/22e460b6333a5f818b042ac89201f8e735556f4a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/37f18915a261afe84dab462624ed829cddb77a9b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/4d7a8f5f28187e3d2958b2a134473da2665207e7
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c5489d04337b47e93c0623e8145fcba3f5739efd
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d4a132f121c591b60dbaf57ea91f1faf11631fbc
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f8f73bf0f8a57ee9b86792456bd42079bc98c6b7
    Patch