5.5

CVE-2026-43145

remoteproc: imx_rproc: Fix invalid loaded resource table detection

In the Linux kernel, the following vulnerability has been resolved:

remoteproc: imx_rproc: Fix invalid loaded resource table detection

imx_rproc_elf_find_loaded_rsc_table() may incorrectly report a loaded
resource table even when the current firmware does not provide one.

When the device tree contains a "rsc-table" entry, priv->rsc_table is
non-NULL and denotes where a resource table would be located if one is
present in memory. However, when the current firmware has no resource
table, rproc->table_ptr is NULL. The function still returns
priv->rsc_table, and the remoteproc core interprets this as a valid loaded
resource table.

Fix this by returning NULL from imx_rproc_elf_find_loaded_rsc_table() when
there is no resource table for the current firmware (i.e. when
rproc->table_ptr is NULL). This aligns the function's semantics with the
remoteproc core: a loaded resource table is only reported when a valid
table_ptr exists.

With this change, starting firmware without a resource table no longer
triggers a crash.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.15.168 < 5.15.202
LinuxLinux Kernel Version >= 6.1.113 < 6.1.165
LinuxLinux Kernel Version >= 6.6.57 < 6.6.128
LinuxLinux Kernel Version >= 6.11.4 < 6.12.75
LinuxLinux Kernel Version >= 6.13 < 6.18.16
LinuxLinux Kernel Version >= 6.19 < 6.19.6
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.12% 0.023
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/91baf24d972ea3c04a75dd18821c03d223c0dbc0
Patch
https://git.kernel.org/stable/c/fcec79b6a3649ae7b1f659267602ca402c240d6e
Patch
https://git.kernel.org/stable/c/9bd98d088f47153a81a6ec8162b4415c64aa7f39
Patch
https://git.kernel.org/stable/c/65379adf7d231c930572db45933ff4538f4c5128
Patch
https://git.kernel.org/stable/c/500778df9e4c313190368908ff40c23948508e97
Patch
https://git.kernel.org/stable/c/198c629bd03863591f3fbf5ce8ff974a33f13dc9
Patch
https://git.kernel.org/stable/c/26aa5295010ffaebcf8f1991c53fa7cf2ee1b20d
Patch