Skip to main content

Linux Kernel CVE-2026-43212

| EUVDEUVD-2026-27772 HIGH
2026-05-06 Linux GHSA-c859-65q3-j346
7.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.8 HIGH
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
SUSE
HIGH
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

4
Analysis Generated
May 08, 2026 - 13:38 vuln.today
CVSS changed
May 08, 2026 - 13:22 NVD
7.8 (HIGH)
Patch available
May 06, 2026 - 13:32 EUVD
CVE Published
May 06, 2026 - 11:28 nvd
HIGH 7.8

DescriptionCVE.org

In the Linux kernel, the following vulnerability has been resolved:

LoongArch: Make cpumask_of_node() robust against NUMA_NO_NODE

The arch definition of cpumask_of_node() cannot handle NUMA_NO_NODE - which is a valid index - so add a check for this.

AnalysisAI

LoongArch architecture's cpumask_of_node() function in the Linux kernel mishandles NUMA_NO_NODE (-1) as a node index, potentially enabling local authenticated users to achieve high confidentiality, integrity, and availability impacts (CVSS 7.8). Patches available across multiple stable kernel branches (6.1.165, 6.6.128, 6.12.75, 6.18.16, 6.19.6, 7.0) address the improper input validation. EPSS score of 0.02% (7th percentile) indicates low observed exploitation probability. No public exploit identified at time of analysis.

Technical ContextAI

The vulnerability resides in the LoongArch architecture-specific implementation of cpumask_of_node(), a kernel function that returns the CPU affinity mask for a given NUMA node. NUMA_NO_NODE is a special sentinel value (typically -1) used throughout the kernel to indicate 'no specific NUMA node' or fallback to default node selection. The LoongArch implementation failed to validate this edge case, potentially causing out-of-bounds memory access when the invalid node index is used to look up CPU masks in node-to-CPU mapping tables. This affects systems running LoongArch processors with NUMA topology support. The affected CPE strings indicate broad historical exposure dating back to kernel commit 1da177e4c3f4 (the initial Linux 2.6.12 release in 2005), though LoongArch architecture support was only added much later, so practical exposure is limited to kernels with LoongArch support. While no CWE is assigned, this represents improper input validation (CWE-20) leading to potential out-of-bounds read (CWE-125).

RemediationAI

Upgrade to patched kernel versions: 6.1.165 or later for 6.1.x LTS series, 6.6.128+ for 6.6.x LTS, 6.12.75+ for 6.12.x stable, 6.18.16+ for 6.18.x, 6.19.6+ for 6.19.x, or migrate to mainline 7.0+. Patches available from https://git.kernel.org/stable/ with commit hashes provided in references. For systems unable to immediately patch, consider restricting local user access on affected LoongArch systems and monitoring for unexpected kernel panics or memory corruption symptoms. Note that disabling NUMA support is not a viable workaround as the cpumask_of_node() function is called regardless of NUMA configuration state. Review audit logs for privilege escalation attempts on LoongArch systems. Kernel live patching solutions (kpatch, kGraft) may provide hotfix capability without reboot if organizational procedures support their use, though reboot into patched kernel is the definitive remediation.

Vendor StatusVendor

SUSE

Severity: High
Product Status
SUSE Linux Enterprise Desktop 15 SP7 Fixed
SUSE Linux Enterprise Desktop 15 SP7 Fixed
SUSE Linux Enterprise High Availability Extension 15 SP7 Fixed
SUSE Linux Enterprise High Availability Extension 15 SP7 Fixed
SUSE Linux Enterprise High Performance Computing 15 SP7 Fixed

Share

CVE-2026-43212 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy