CVE-2026-43108
Heap-based Buffer Overflow in Qualcomm PD Mapper Driver
Publication date: 2026-05-06
Last updated on: 2026-05-06
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| qcom | pd-mapper | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the Linux kernel's Qualcomm power domain mapper (pd-mapper) component. Specifically, the element length declared in the servreg_loc_pfr_req_ei structure for the 'reason' field does not match the length of the corresponding 'reason' field in servreg_loc_pfr_req. This mismatch causes a decoding error during power domain (PD) crash handling, where the string length exceeds the maximum allowed length, leading to potential errors in processing.
How can this vulnerability impact me? :
The impact of this vulnerability is related to decoding errors during power domain crash events in affected Qualcomm hardware running the Linux kernel. Such decoding errors could potentially lead to improper handling of power domain crashes, which might affect system stability or reliability in scenarios involving power management.