CVE-2026-43145
Awaiting Analysis Awaiting Analysis - Queue
Linux Kernel Remoteproc Resource Table Detection Flaw

Publication date: 2026-05-06

Last updated on: 2026-05-06

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: remoteproc: imx_rproc: Fix invalid loaded resource table detection imx_rproc_elf_find_loaded_rsc_table() may incorrectly report a loaded resource table even when the current firmware does not provide one. When the device tree contains a "rsc-table" entry, priv->rsc_table is non-NULL and denotes where a resource table would be located if one is present in memory. However, when the current firmware has no resource table, rproc->table_ptr is NULL. The function still returns priv->rsc_table, and the remoteproc core interprets this as a valid loaded resource table. Fix this by returning NULL from imx_rproc_elf_find_loaded_rsc_table() when there is no resource table for the current firmware (i.e. when rproc->table_ptr is NULL). This aligns the function's semantics with the remoteproc core: a loaded resource table is only reported when a valid table_ptr exists. With this change, starting firmware without a resource table no longer triggers a crash.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-06
Last Modified
2026-05-06
Generated
2026-05-07
AI Q&A
2026-05-06
EPSS Evaluated
N/A
NVD
CVE-2026-43145
EUVD
EUVD-2026-27705
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
linux linux_kernel *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability exists in the Linux kernel's remoteproc subsystem, specifically in the imx_rproc driver. The function imx_rproc_elf_find_loaded_rsc_table() may incorrectly indicate that a loaded resource table is present even when the current firmware does not provide one. This happens because the function returns a non-NULL pointer from the device tree entry even if the firmware's actual resource table pointer is NULL. As a result, the remoteproc core mistakenly treats this as a valid resource table.

The issue was fixed by modifying the function to return NULL when there is no resource table for the current firmware, preventing the system from falsely detecting a resource table and avoiding crashes when starting firmware without a resource table.


How can this vulnerability impact me? :

This vulnerability can cause the system to crash when starting firmware that does not include a resource table. The incorrect detection of a loaded resource table leads the remoteproc core to operate under false assumptions, potentially destabilizing the system or causing unexpected failures during firmware initialization.


What immediate steps should I take to mitigate this vulnerability?

The vulnerability is fixed by updating the Linux kernel to a version where the imx_rproc_elf_find_loaded_rsc_table() function correctly returns NULL when no resource table is present in the current firmware.

Therefore, the immediate mitigation step is to apply the kernel update or patch that includes this fix to prevent crashes caused by incorrect detection of loaded resource tables.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart