CVE-2026-43281
Out-of-Bounds Access in Linux Kernel Mailbox Subsystem
Publication date: 2026-05-06
Last updated on: 2026-05-06
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the Linux kernel's mailbox subsystem, specifically in the function fw_mbox_index_xlate(). The issue arises when the device tree specifies '#mbox-cells' as 0, which is against the guidance that it should be at least 1. If the mailbox controller does not provide certain function pointers (fw_xlate and of_xlate), the default fw_mbox_index_xlate() function is used without proper bounds checking. This can lead to out-of-bounds memory access.
How can this vulnerability impact me? :
The vulnerability can cause out-of-bounds memory access in the Linux kernel mailbox subsystem. This may lead to system instability, crashes, or potentially allow an attacker to execute arbitrary code or cause denial of service, depending on the context in which the mailbox is used.