Description
In the Linux kernel, the following vulnerability has been resolved:

ACPI: processor: Update cpuidle driver check in __acpi_processor_start()

Commit 7a8c994cbb2d ("ACPI: processor: idle: Optimize ACPI idle
driver registration") moved the ACPI idle driver registration to
acpi_processor_driver_init() and acpi_processor_power_init() does
not register an idle driver any more.

Accordingly, the cpuidle driver check in __acpi_processor_start() needs
to be updated to avoid calling acpi_processor_power_init() without a
cpuidle driver, in which case the registration of the cpuidle device
in that function would lead to a NULL pointer dereference in
__cpuidle_register_device().
Published: 2026-05-06
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The bug is triggered when __acpi_processor_start() calls acpi_processor_power_init() without a cpuidle driver. The cpuidle device registration in that function then causes a NULL pointer dereference in __cpuidle_register_device(), which can result in a kernel panic. The crash forces a system reboot, interrupting all services. The vulnerability does not grant an attacker code execution or direct data compromise.

Affected Systems

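The vulnerability affects the Linux kernel. No particular release version is listed in the advisory. According to the description, commit 7a8c994cbb2d ("ACPI: processor: idle: Optimize ACPI idle driver registration") is the change that left the cpuidle driver check in __acpi_processor_start() out of date, so administrators should confirm whether their kernel includes that commit without the later update to the check.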

Risk and Exploitability

The CVSS score of 5.5 indicates moderate severity for a NULL pointer dereference (CWE-476) that can lead to a crash. The EPSS score is less than 1%, implying a low probability of exploitation. The vulnerability is not listed in CISA’s KEV catalog. The attack vector is not explicitly documented; based on the description, it is inferred that an attacker would need local access to manipulate ACPI events to trigger the fault, making remote exploitation unlikely. The primary consequence of exploitation is an availability loss due to system reboot, with no direct impact on confidentiality or integrity.

Generated by OpenCVE AI on May 12, 2026 at 23:48 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

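  • Apply a kernel update that includes the fix titled "ACPI: processor: Update cpuidle driver check in __acpi_processor_start()", which follows commit 7a8c994cbb2d, to eliminate the NULL pointer dereference in __cpuidle_register_device()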
  • Ensure that the ACPI idle driver remains enabled in system configuration so the problematic code path is not exercised
  • Monitor system logs for ACPI-related errors or kernel panics to detect early signs of the issue

Advisories

No advisories yet.

History

Tue, 12 May 2026 21:30:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}


Thu, 07 May 2026 00:15:00 +0000


Wed, 06 May 2026 14:45:00 +0000

Type Values Removed Values Added
Weaknesses CWE-476

Wed, 06 May 2026 12:15:00 +0000

Type Values Removed Values Added
Description (text identical to the Description section at the top of this page)
Title ACPI: processor: Update cpuidle driver check in __acpi_processor_start()
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel

MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-05-11T22:18:10.935Z

Reserved: 2026-05-01T14:12:55.987Z

Link: CVE-2026-43122

Vulnrichment

No data.

NVD

Status: Analyzed

Published: 2026-05-06T12:16:29.067

Modified: 2026-05-12T21:17:44.983

Link: CVE-2026-43122

Redhat

Severity:

Public Date: 2026-05-06T00:00:00Z

Links: CVE-2026-43122 - Bugzilla

OpenCVE Enrichment

Updated: 2026-05-13T00:00:17Z
