remoteproc: imx_rproc: Fix invalid loaded resource table detection

MITRE NVD CVE.ORG JSON API Print: PDF PDF

Summary

CVECVE-2026-43145
StatePUBLISHED
AssignerLinux
Source PriorityCVE Program / NVD first with legacy fallback
Published2026-05-06 12:16:31 UTC
Updated2026-05-13 21:10:02 UTC
DescriptionIn the Linux kernel, the following vulnerability has been resolved: remoteproc: imx_rproc: Fix invalid loaded resource table detection imx_rproc_elf_find_loaded_rsc_table() may incorrectly report a loaded resource table even when the current firmware does not provide one. When the device tree contains a "rsc-table" entry, priv->rsc_table is non-NULL and denotes where a resource table would be located if one is present in memory. However, when the current firmware has no resource table, rproc->table_ptr is NULL. The function still returns priv->rsc_table, and the remoteproc core interprets this as a valid loaded resource table. Fix this by returning NULL from imx_rproc_elf_find_loaded_rsc_table() when there is no resource table for the current firmware (i.e. when rproc->table_ptr is NULL). This aligns the function's semantics with the remoteproc core: a loaded resource table is only reported when a valid table_ptr exists. With this change, starting firmware without a resource table no longer triggers a crash.

Risk And Classification

Primary CVSS: v3.1 5.5 MEDIUM from [email protected]

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Problem Types: CWE-401

CVSS v3.1 Breakdown

Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

NVD Known Affected Configurations (CPE 2.3)

TypeVendorProductVersionUpdateEditionLanguage
Operating System Linux Linux Kernel All All All All

Vendor Declared Affected Products

SourceVendorProductVersionPlatforms
CNA Linux Linux affected 64f2ca5ce97111a364a18c31772eb46c79e8b772 91baf24d972ea3c04a75dd18821c03d223c0dbc0 git Not specified
CNA Linux Linux affected 1d750606fedcdff7886f35a558c51b05ce2680a6 fcec79b6a3649ae7b1f659267602ca402c240d6e git Not specified
CNA Linux Linux affected 7fb5f957213bc7268bac449f8bfe95967c9f3f3b 9bd98d088f47153a81a6ec8162b4415c64aa7f39 git Not specified
CNA Linux Linux affected e954a1bd16102abc800629f9900715d8ec4c3130 65379adf7d231c930572db45933ff4538f4c5128 git Not specified
CNA Linux Linux affected e954a1bd16102abc800629f9900715d8ec4c3130 500778df9e4c313190368908ff40c23948508e97 git Not specified
CNA Linux Linux affected e954a1bd16102abc800629f9900715d8ec4c3130 198c629bd03863591f3fbf5ce8ff974a33f13dc9 git Not specified
CNA Linux Linux affected e954a1bd16102abc800629f9900715d8ec4c3130 26aa5295010ffaebcf8f1991c53fa7cf2ee1b20d git Not specified
CNA Linux Linux affected 3d131f138e092c414c69860f2c897c59d660da99 git Not specified
CNA Linux Linux affected 6.12 Not specified
CNA Linux Linux unaffected 6.12 semver Not specified
CNA Linux Linux unaffected 5.15.202 5.15.* semver Not specified
CNA Linux Linux unaffected 6.1.165 6.1.* semver Not specified
CNA Linux Linux unaffected 6.6.128 6.6.* semver Not specified
CNA Linux Linux unaffected 6.12.75 6.12.* semver Not specified
CNA Linux Linux unaffected 6.18.16 6.18.* semver Not specified
CNA Linux Linux unaffected 6.19.6 6.19.* semver Not specified
CNA Linux Linux unaffected 7.0 * original_commit_for_fix Not specified

References

ReferenceSourceLinkTags
git.kernel.org/stable/c/91baf24d972ea3c04a75dd18821c03d223c0dbc0 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org Patch
git.kernel.org/stable/c/9bd98d088f47153a81a6ec8162b4415c64aa7f39 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org Patch
git.kernel.org/stable/c/26aa5295010ffaebcf8f1991c53fa7cf2ee1b20d 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org Patch
git.kernel.org/stable/c/500778df9e4c313190368908ff40c23948508e97 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org Patch
git.kernel.org/stable/c/65379adf7d231c930572db45933ff4538f4c5128 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org Patch
git.kernel.org/stable/c/fcec79b6a3649ae7b1f659267602ca402c240d6e 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org Patch
git.kernel.org/stable/c/198c629bd03863591f3fbf5ce8ff974a33f13dc9 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org Patch
CVE Program record CVE.ORG www.cve.org canonical
NVD vulnerability detail NVD nvd.nist.gov canonical, analysis
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

Free CVE JSON API cve.report/api

CVE.report and Source URL Uptime Status status.cve.report