CVE-2026-43242

/* * PoC Concept for CVE-2026-43242 * Trigger: Repeatedly bind/unbind the ti-k3-socinfo driver to force probe and failure. * This requires a system with the vulnerable driver loaded. */ #include <stdio.h> #include <stdlib.h> int main() { printf("[*] Attempting to trigger regmap leak in ti-k3-socinfo...\n"); // In a real scenario, one would interact with sysfs to unbind/bind // the device: /sys/bus/platform/drivers/ti-k3-socinfo/... // Repeatedly causing probe deferral or failure leaks regmap memory. for(int i=0; i<1000; i++) { // Pseudo-code: trigger device bind/unbind loop // system("echo '44000000.socinfo' > /sys/bus/platform/drivers/ti-k3-socinfo/unbind"); // system("echo '44000000.socinfo' > /sys/bus/platform/drivers/ti-k3-socinfo/bind"); // usleep(10000); } return 0; }

{"cve": {"id": "CVE-2026-43242", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2026-05-06T12:16:44.590", "lastModified": "2026-05-11T14:22:05.640", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: ti: k3-socinfo: Fix regmap leak on probe failure\n\nThe mmio regmap allocated during probe is never freed.\n\nSwitch to using the device managed allocator so that the regmap is\nreleased on probe failures (e.g. probe deferral) and on driver unbind."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "baseScore": 5.5, "baseSeverity": "MEDIUM", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH"}, "exploitabilityScore": 1.8, "impactScore": 3.6}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-401"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.10.238", "versionEndExcluding": "5.10.252", "matchCriteriaId": "9C5D1E7E-BF70-4891-9B61-C507B0379598"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.15.185", "versionEndExcluding": "5.15.202", "matchCriteriaId": "7030EAF8-EA1D-4206-B91E-1A418F295D82"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.1.141", "versionEndExcluding": "6.1.165", "matchCriteriaId": "DE214410-BB18-43F4-BD7A-E74B04620CBF"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.6.93", "versionEndExcluding": "6.6.128", "matchCriteriaId": "4F231973-97E1-4413-BA16-F7FCB9861055"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.12.31", "versionEndExcluding": "6.12.75", "matchCriteriaId": "18F2ACF6-2B62-41B0-8311-210B7C5F95D7"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.14.9", "versionEndExcluding": "6.18.16", "matchCriteriaId": "7435C2DE-89BB-45A0-B6B9-F9A502974D94"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.19", "versionEndExcluding": "6.19.6", "matchCriteriaId": "373EEEDA-FAA1-4FB4-B6ED-DB4DD99DBE67"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/458136527fe127fd051c1c9537f4540849780d70", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"]}, {"url": "https://git.kernel.org/stable/c/ab1ac24c407e4df326d7154a4deadd444e9209d9", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"]}, {"url": "https://git.kernel.org/stable/c/b1006b5892ec8a95d039a89b47e6fd69cf607405", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"]}, {"url": "https://git.kernel.org/stable/c/bbaa9e615608c204d384a7d4b1a434580a142d4c", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"]}, {"url": "https://git.kernel.org/stable/c/c933138d45176780fabbbe7da263e04d5b3e525d", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"]}, {"url": "https://git.kernel.org/stable/c/c97c21d342838b2a7787b0f1d6ad417e85c906f6", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"]}, {"url": "https://git.kernel.org/stable/c/d451bf970a0c54b586f8b3161261bdf35d463c99", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"]}, {"url": "https://git.kernel.org/stable/c/eaa16059f9af26d8b8a6f3e887649f58e8ca96c9", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"]}]}}