CVE-2026-43008
Analyzed Analyzed - Analysis Complete
GPIO Error Handling Flaw in Linux Kernel GPIO Qixis FPGA

Publication date: 2026-05-01

Last updated on: 2026-05-07

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: gpio: qixis-fpga: Fix error handling for devm_regmap_init_mmio() devm_regmap_init_mmio() returns an ERR_PTR() on failure, not NULL. The original code checked for NULL which would never trigger on error, potentially leading to an invalid pointer dereference. Use IS_ERR() and PTR_ERR() to properly handle the error case.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-01
Last Modified
2026-05-07
Generated
2026-06-16
AI Q&A
2026-05-01
EPSS Evaluated
2026-06-14
NVD
CVE-2026-43008
EUVD
EUVD-2026-26607
Affected Vendors & Products
Showing 7 associated CPEs
Vendor Product Version / Range
linux linux_kernel 7.0
linux linux_kernel 7.0
linux linux_kernel 7.0
linux linux_kernel 7.0
linux linux_kernel 7.0
linux linux_kernel 7.0
linux linux_kernel From 6.19 (inc) to 6.19.12 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-476 The product dereferences a pointer that it expects to be valid but is NULL.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in the Linux kernel's gpio: qixis-fpga driver where error handling for the function devm_regmap_init_mmio() was incorrect.

The function devm_regmap_init_mmio() returns an ERR_PTR() on failure, not NULL as the original code assumed.

Because the code checked for NULL instead of using IS_ERR() and PTR_ERR() macros to detect errors, it could fail to recognize an error condition.

This improper error handling could lead to dereferencing an invalid pointer, causing potential crashes or undefined behavior.

Impact Analysis

If exploited or triggered, this vulnerability could cause the Linux kernel to dereference invalid pointers.

This may lead to system instability, crashes, or denial of service conditions.

Such impacts could affect the reliability and availability of systems running the vulnerable kernel code.

Mitigation Strategies

The vulnerability is related to improper error handling in the Linux kernel gpio qixis-fpga driver. To mitigate this vulnerability, you should update your Linux kernel to a version where this issue is fixed, as the fix involves correcting the error handling code to properly check for ERR_PTR() instead of NULL.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-43008. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart