CVE-2026-43124

Summary

In the Linux kernel, the following vulnerability has been resolved:

pstore: ram_core: fix incorrect success return when vmap() fails

In persistent_ram_vmap(), vmap() may return NULL on failure.

If offset is non-zero, adding offset_in_page(start) causes the function to return a non-NULL pointer even though the mapping failed. persistent_ram_buffer_map() therefore incorrectly returns success.

Subsequent access to prz->buffer may dereference an invalid address and cause crashes.

Add proper NULL checking for vmap() failures.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux831b624df1b420c8f9281ed1307a8db23afb72df < d47234840aeb4182ed3ee795c578b1dfa9cbd25baffected
LinuxLinux831b624df1b420c8f9281ed1307a8db23afb72df < 49918dd52615097529811d21ec6074dd02ebe77caffected
LinuxLinux831b624df1b420c8f9281ed1307a8db23afb72df < 8baa234181f632cabacf73e4834a910859e9fcc9affected
LinuxLinux831b624df1b420c8f9281ed1307a8db23afb72df < 1da904e84de608907662ad8a51ba9c571d61e003affected
LinuxLinux831b624df1b420c8f9281ed1307a8db23afb72df < 8d849adfbc3e98417fb541620568db1a759ef441affected
LinuxLinux831b624df1b420c8f9281ed1307a8db23afb72df < 2c99326dc1c79b7ce3c8dd92929b5ce724ff70ebaffected
LinuxLinux831b624df1b420c8f9281ed1307a8db23afb72df < 88d5b28f63c7aac1271784e3b800ed405d1cde75affected
LinuxLinux831b624df1b420c8f9281ed1307a8db23afb72df < 05363abc7625cf18c96e67f50673cd07f11da5e9affected
LinuxLinux9095f19baae92afb978f8df77d19280fe291b337affected
LinuxLinux36a9916189b46b78dbf4fa542739b464444f0537affected
LinuxLinux1cd01dba1355e291f636555b1920625ed58c1623affected
LinuxLinux7026e2457c5b0c0e8a81e65a8209b8420a437b4daffected
LinuxLinux1e5b387747ba285a64348b9a96b246d0b9d52b03affected
LinuxLinuxd0028f48b33086cf6d8f87831a650866107b5785affected
LinuxLinux3.16.62 < 3.17affected
LinuxLinux3.18.123 < 3.19affected
LinuxLinux4.4.158 < 4.5affected
LinuxLinux4.9.129 < 4.10affected
LinuxLinux4.14.72 < 4.15affected
LinuxLinux4.18.10 < 4.19affected
LinuxLinux4.19affected
LinuxLinux0 < 4.19unaffected
LinuxLinux5.10.252 <= 5.10.*unaffected
LinuxLinux5.15.202 <= 5.15.*unaffected
LinuxLinux6.1.165 <= 6.1.*unaffected
LinuxLinux6.6.128 <= 6.6.*unaffected
LinuxLinux6.12.75 <= 6.12.*unaffected
LinuxLinux6.18.16 <= 6.18.*unaffected
LinuxLinux6.19.6 <= 6.19.*unaffected
LinuxLinux7.0 <= *unaffected

Weaknesses

References