CVE-2026-43289
Kernel kexec Purgatory Entry Derivation Vulnerability
Publication date: 2026-05-08
Last updated on: 2026-05-08
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the Linux kernel's kexec functionality, specifically in the kexec_load_purgatory() function. The function attempts to determine the start address of an image by locating the entry point (e_entry) inside an executable section (SHF_EXECINSTR). However, if the purgatory object contains multiple executable sections with overlapping addresses (sh_addr), the entrypoint check can match more than once, which triggers a kernel warning (WARN).
The fix involves deriving the entry section from a symbol called purgatory_start when it is present, and computing the image start address from its final placement. The previous fallback method using e_entry is still kept for purgatories that do not expose this symbol.
How can this vulnerability impact me? :
This vulnerability can cause the Linux kernel to trigger a warning (WARN) during the kexec process if multiple executable sections overlap in the purgatory object. Such warnings can lead to instability or unexpected behavior during system reboot or kernel loading via kexec.
While the description does not explicitly mention exploitation or direct security impact, kernel warnings in critical code paths can potentially lead to system crashes or denial of service conditions, affecting system reliability.