CVE-2026-43145 (GCVE-0-2026-43145)
Vulnerability from cvelistv5 – Published: 2026-05-06 11:27 – Updated: 2026-05-06 11:27
VLAI?
Title
remoteproc: imx_rproc: Fix invalid loaded resource table detection
Summary
In the Linux kernel, the following vulnerability has been resolved:
remoteproc: imx_rproc: Fix invalid loaded resource table detection
imx_rproc_elf_find_loaded_rsc_table() may incorrectly report a loaded
resource table even when the current firmware does not provide one.
When the device tree contains a "rsc-table" entry, priv->rsc_table is
non-NULL and denotes where a resource table would be located if one is
present in memory. However, when the current firmware has no resource
table, rproc->table_ptr is NULL. The function still returns
priv->rsc_table, and the remoteproc core interprets this as a valid loaded
resource table.
Fix this by returning NULL from imx_rproc_elf_find_loaded_rsc_table() when
there is no resource table for the current firmware (i.e. when
rproc->table_ptr is NULL). This aligns the function's semantics with the
remoteproc core: a loaded resource table is only reported when a valid
table_ptr exists.
With this change, starting firmware without a resource table no longer
triggers a crash.
Severity ?
No CVSS data available.
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Linux | Linux |
Affected:
64f2ca5ce97111a364a18c31772eb46c79e8b772 , < 91baf24d972ea3c04a75dd18821c03d223c0dbc0
(git)
Affected: 1d750606fedcdff7886f35a558c51b05ce2680a6 , < fcec79b6a3649ae7b1f659267602ca402c240d6e (git) Affected: 7fb5f957213bc7268bac449f8bfe95967c9f3f3b , < 9bd98d088f47153a81a6ec8162b4415c64aa7f39 (git) Affected: e954a1bd16102abc800629f9900715d8ec4c3130 , < 65379adf7d231c930572db45933ff4538f4c5128 (git) Affected: e954a1bd16102abc800629f9900715d8ec4c3130 , < 500778df9e4c313190368908ff40c23948508e97 (git) Affected: e954a1bd16102abc800629f9900715d8ec4c3130 , < 198c629bd03863591f3fbf5ce8ff974a33f13dc9 (git) Affected: e954a1bd16102abc800629f9900715d8ec4c3130 , < 26aa5295010ffaebcf8f1991c53fa7cf2ee1b20d (git) Affected: 3d131f138e092c414c69860f2c897c59d660da99 (git) |
|||||||
|
|||||||||
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/remoteproc/imx_rproc.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "91baf24d972ea3c04a75dd18821c03d223c0dbc0",
"status": "affected",
"version": "64f2ca5ce97111a364a18c31772eb46c79e8b772",
"versionType": "git"
},
{
"lessThan": "fcec79b6a3649ae7b1f659267602ca402c240d6e",
"status": "affected",
"version": "1d750606fedcdff7886f35a558c51b05ce2680a6",
"versionType": "git"
},
{
"lessThan": "9bd98d088f47153a81a6ec8162b4415c64aa7f39",
"status": "affected",
"version": "7fb5f957213bc7268bac449f8bfe95967c9f3f3b",
"versionType": "git"
},
{
"lessThan": "65379adf7d231c930572db45933ff4538f4c5128",
"status": "affected",
"version": "e954a1bd16102abc800629f9900715d8ec4c3130",
"versionType": "git"
},
{
"lessThan": "500778df9e4c313190368908ff40c23948508e97",
"status": "affected",
"version": "e954a1bd16102abc800629f9900715d8ec4c3130",
"versionType": "git"
},
{
"lessThan": "198c629bd03863591f3fbf5ce8ff974a33f13dc9",
"status": "affected",
"version": "e954a1bd16102abc800629f9900715d8ec4c3130",
"versionType": "git"
},
{
"lessThan": "26aa5295010ffaebcf8f1991c53fa7cf2ee1b20d",
"status": "affected",
"version": "e954a1bd16102abc800629f9900715d8ec4c3130",
"versionType": "git"
},
{
"status": "affected",
"version": "3d131f138e092c414c69860f2c897c59d660da99",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/remoteproc/imx_rproc.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.12"
},
{
"lessThan": "6.12",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.202",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.165",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.128",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"version": "6.12.75",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.18.*",
"status": "unaffected",
"version": "6.18.16",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.19.*",
"status": "unaffected",
"version": "6.19.6",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "7.0",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.202",
"versionStartIncluding": "5.15.168",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.165",
"versionStartIncluding": "6.1.113",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.128",
"versionStartIncluding": "6.6.57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.12.75",
"versionStartIncluding": "6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.18.16",
"versionStartIncluding": "6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.19.6",
"versionStartIncluding": "6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.0",
"versionStartIncluding": "6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.11.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nremoteproc: imx_rproc: Fix invalid loaded resource table detection\n\nimx_rproc_elf_find_loaded_rsc_table() may incorrectly report a loaded\nresource table even when the current firmware does not provide one.\n\nWhen the device tree contains a \"rsc-table\" entry, priv-\u003ersc_table is\nnon-NULL and denotes where a resource table would be located if one is\npresent in memory. However, when the current firmware has no resource\ntable, rproc-\u003etable_ptr is NULL. The function still returns\npriv-\u003ersc_table, and the remoteproc core interprets this as a valid loaded\nresource table.\n\nFix this by returning NULL from imx_rproc_elf_find_loaded_rsc_table() when\nthere is no resource table for the current firmware (i.e. when\nrproc-\u003etable_ptr is NULL). This aligns the function\u0027s semantics with the\nremoteproc core: a loaded resource table is only reported when a valid\ntable_ptr exists.\n\nWith this change, starting firmware without a resource table no longer\ntriggers a crash."
}
],
"providerMetadata": {
"dateUpdated": "2026-05-06T11:27:28.911Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/91baf24d972ea3c04a75dd18821c03d223c0dbc0"
},
{
"url": "https://git.kernel.org/stable/c/fcec79b6a3649ae7b1f659267602ca402c240d6e"
},
{
"url": "https://git.kernel.org/stable/c/9bd98d088f47153a81a6ec8162b4415c64aa7f39"
},
{
"url": "https://git.kernel.org/stable/c/65379adf7d231c930572db45933ff4538f4c5128"
},
{
"url": "https://git.kernel.org/stable/c/500778df9e4c313190368908ff40c23948508e97"
},
{
"url": "https://git.kernel.org/stable/c/198c629bd03863591f3fbf5ce8ff974a33f13dc9"
},
{
"url": "https://git.kernel.org/stable/c/26aa5295010ffaebcf8f1991c53fa7cf2ee1b20d"
}
],
"title": "remoteproc: imx_rproc: Fix invalid loaded resource table detection",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2026-43145",
"datePublished": "2026-05-06T11:27:28.911Z",
"dateReserved": "2026-05-01T14:12:55.989Z",
"dateUpdated": "2026-05-06T11:27:28.911Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-43145",
"date": "2026-05-08",
"epss": "0.00024",
"percentile": "0.06984"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-43145\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2026-05-06T12:16:31.983\",\"lastModified\":\"2026-05-06T13:07:51.607\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nremoteproc: imx_rproc: Fix invalid loaded resource table detection\\n\\nimx_rproc_elf_find_loaded_rsc_table() may incorrectly report a loaded\\nresource table even when the current firmware does not provide one.\\n\\nWhen the device tree contains a \\\"rsc-table\\\" entry, priv-\u003ersc_table is\\nnon-NULL and denotes where a resource table would be located if one is\\npresent in memory. However, when the current firmware has no resource\\ntable, rproc-\u003etable_ptr is NULL. The function still returns\\npriv-\u003ersc_table, and the remoteproc core interprets this as a valid loaded\\nresource table.\\n\\nFix this by returning NULL from imx_rproc_elf_find_loaded_rsc_table() when\\nthere is no resource table for the current firmware (i.e. when\\nrproc-\u003etable_ptr is NULL). This aligns the function\u0027s semantics with the\\nremoteproc core: a loaded resource table is only reported when a valid\\ntable_ptr exists.\\n\\nWith this change, starting firmware without a resource table no longer\\ntriggers a crash.\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/198c629bd03863591f3fbf5ce8ff974a33f13dc9\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/26aa5295010ffaebcf8f1991c53fa7cf2ee1b20d\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/500778df9e4c313190368908ff40c23948508e97\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/65379adf7d231c930572db45933ff4538f4c5128\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/91baf24d972ea3c04a75dd18821c03d223c0dbc0\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/9bd98d088f47153a81a6ec8162b4415c64aa7f39\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/fcec79b6a3649ae7b1f659267602ca402c240d6e\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]}}"
}
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…