Skip to main content

Linux Kernel CVE-2026-43335

| EUVDEUVD-2026-28619 MEDIUM
NULL Pointer Dereference (CWE-476)
2026-05-08 416baaa9-dc9f-4396-8d5f-8c081fb06d67 GHSA-hgmq-893h-gwr8
5.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
SUSE
MEDIUM
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

4
Analysis Generated
May 15, 2026 - 22:30 vuln.today
CVSS changed
May 15, 2026 - 20:07 NVD
5.5 (MEDIUM)
Patch available
May 08, 2026 - 15:02 EUVD
CVE Published
May 08, 2026 - 14:16 nvd
UNKNOWN (no severity yet)

DescriptionCVE.org

In the Linux kernel, the following vulnerability has been resolved:

interconnect: qcom: sm8450: Fix NULL pointer dereference in icc_link_nodes()

The change to dynamic IDs for SM8450 platform interconnects left two links unconverted, fix it to avoid the NULL pointer dereference in runtime, when a pointer to a destination interconnect is not valid:

Unable to handle kernel NULL pointer dereference at virtual address 0000000000000008 <...> Call trace: icc_link_nodes+0x3c/0x100 (P) qcom_icc_rpmh_probe+0x1b4/0x528 platform_probe+0x64/0xc0 really_probe+0xc4/0x2a8 __driver_probe_device+0x80/0x140 driver_probe_device+0x48/0x170 __device_attach_driver+0xc0/0x148 bus_for_each_drv+0x88/0xf0 __device_attach+0xb0/0x1c0 device_initial_probe+0x58/0x68 bus_probe_device+0x40/0xb8 deferred_probe_work_func+0x90/0xd0 process_one_work+0x15c/0x3c0 worker_thread+0x2e8/0x400 kthread+0x150/0x208 ret_from_fork+0x10/0x20 Code: 900310f4 911d6294 91008280 94176078 (f94002a0) ---[ end trace 0000000000000000 ]--- Kernel panic - not syncing: Oops: Fatal exception

AnalysisAI

Null pointer dereference in Linux kernel's Qualcomm SM8450 interconnect driver causes local denial of service during device probe. The vulnerability affects Linux kernel 6.19.x through 7.0-rc6 on Qualcomm SM8450 platforms when the interconnect driver initializes. Upstream patches are available (commits 77d22bf3fc5d and dbbd550d7c8d). EPSS score of 0.02% indicates very low observed exploitation probability, and no active exploitation or public POC has been identified. Real-world risk is limited to local authenticated users on affected Qualcomm SoC platforms during driver initialization.

Technical ContextAI

The vulnerability resides in the Qualcomm interconnect driver for SM8450 SoCs within the Linux kernel's interconnect framework, which manages bandwidth and QoS between hardware components. The icc_link_nodes() function attempts to establish links between interconnect nodes using dynamically assigned IDs. Two interconnect links were left unconverted during the migration from static to dynamic ID allocation, resulting in NULL destination node pointers. When icc_link_nodes() dereferences these NULL pointers at offset 0x08 (attempting to access node metadata), the kernel triggers a NULL pointer dereference (CWE-476). This occurs during platform device probe via qcom_icc_rpmh_probe(), specifically during the initialization sequence where interconnect topology is constructed. The affected CPE strings indicate this impacts Linux kernel 7.0-rc1 through 7.0-rc6 and the 6.19.x stable series. The vulnerability is Qualcomm SM8450 platform-specific and does not affect other architectures or interconnect drivers.

RemediationAI

Upgrade to Linux kernel 6.19.12 or later for stable branch users, or Linux kernel 7.0 final release or later for mainline users. The fix involves correcting unconverted interconnect link definitions in the SM8450 driver to use proper dynamic node IDs, preventing NULL pointer dereferences during icc_link_nodes() calls. Patches are available from upstream kernel.org repositories at commit 77d22bf3fc5d1bcdee035979b07840c9c2ece8f2 (mainline) and dbbd550d7c8d90d3af9fe8a12a9caff077ddb8e3 (stable 6.19.12). For systems unable to immediately upgrade, compensating controls include: avoid running 7.0-rc kernels in production environments (use stable releases only), defer SM8450 platform deployments until patched kernels are available, or blacklist the qcom-sm8450-interconnect driver module to prevent probe (side effect: interconnect bandwidth management disabled, potential performance degradation for memory-intensive workloads). Distribution-specific patched kernel packages should be prioritized over manual compilation where available.

Vendor StatusVendor

SUSE

Severity: Medium
Product Status
SUSE Linux Enterprise Desktop 15 SP7 Fixed
SUSE Linux Enterprise Desktop 15 SP7 Fixed
SUSE Linux Enterprise High Availability Extension 15 SP7 Fixed
SUSE Linux Enterprise High Availability Extension 15 SP7 Fixed
SUSE Linux Enterprise High Performance Computing 15 SP7 Fixed

Share

CVE-2026-43335 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy