CVE-2026-43124
Awaiting Analysis Awaiting Analysis - Queue
Kernel Memory Corruption in Pstore RAM Core

Publication date: 2026-05-06

Last updated on: 2026-05-08

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: pstore: ram_core: fix incorrect success return when vmap() fails In persistent_ram_vmap(), vmap() may return NULL on failure. If offset is non-zero, adding offset_in_page(start) causes the function to return a non-NULL pointer even though the mapping failed. persistent_ram_buffer_map() therefore incorrectly returns success. Subsequent access to prz->buffer may dereference an invalid address and cause crashes. Add proper NULL checking for vmap() failures.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-06
Last Modified
2026-05-08
Generated
2026-06-16
AI Q&A
2026-05-06
EPSS Evaluated
2026-06-15
NVD
CVE-2026-43124
EUVD
EUVD-2026-27683
Affected Vendors & Products
Showing 7 associated CPEs
Vendor Product Version / Range
linux linux_kernel From 6.2 (inc) to 6.6.128 (exc)
linux linux_kernel From 6.7 (inc) to 6.12.75 (exc)
linux linux_kernel From 6.13 (inc) to 6.18.16 (exc)
linux linux_kernel From 6.19 (inc) to 6.19.6 (exc)
linux linux_kernel From 5.11 (inc) to 5.15.202 (exc)
linux linux_kernel From 5.16 (inc) to 6.1.165 (exc)
linux linux_kernel From 3.16.62 (inc) to 5.10.252 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-476 The product dereferences a pointer that it expects to be valid but is NULL.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in the Linux kernel's pstore ram_core component. Specifically, the function persistent_ram_vmap() uses vmap() to create a memory mapping. However, if vmap() fails and returns NULL, the code may still return a non-NULL pointer due to an incorrect calculation involving an offset. This causes persistent_ram_buffer_map() to incorrectly report success even though the mapping failed.

As a result, subsequent access to the buffer may dereference an invalid memory address, which can lead to system crashes.

The fix involves adding proper NULL checking for vmap() failures to prevent this incorrect success return.

Impact Analysis

This vulnerability can cause the system to crash due to dereferencing invalid memory addresses when the memory mapping fails but is incorrectly reported as successful.

Such crashes can lead to system instability, potential data loss, and denial of service conditions.

Mitigation Strategies

To mitigate this vulnerability, ensure that your Linux kernel is updated to a version where the pstore: ram_core issue has been fixed. This fix involves proper NULL checking for vmap() failures in persistent_ram_vmap(), preventing crashes caused by dereferencing invalid addresses.

If updating the kernel immediately is not possible, avoid using features or modules that rely on persistent_ram_vmap() or pstore ram_core functionality, as they may trigger the vulnerability.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-43124. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart