Description
In the Linux kernel, the following vulnerability has been resolved:

LoongArch: Make cpumask_of_node() robust against NUMA_NO_NODE

The arch definition of cpumask_of_node() cannot handle NUMA_NO_NODE -
which is a valid index - so add a check for this.
Published: 2026-05-06
Score: n/a
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The cpumask_of_node() routine in the LoongArch architecture of the Linux kernel fails to validate the NUMA_NO_NODE index, a legitimate value used by the kernel to denote an uninitialized NUMA node. When this unchecked value is passed, the function can access memory outside the intended range, potentially leading to kernel corruption or a panic that results in a system-wide crash. The weakness is rooted in an improper bounds check on a memory buffer, which can directly affect system availability and stability.

Affected Systems

All Linux kernel installations that run on LoongArch processors and were built with a kernel version prior to the application of the fix. The bug applies to both kernel source tree variants listed under Linux:Linux, but no specific sub‑version information is available in the data set.

Risk and Exploitability

No CVSS or EPSS score is published for this entry, and the vulnerability is not included in the CISA KEV catalog. Because the flaw requires manipulation of internal kernel data structures rather than a network accessible input, the practical likelihood of exploitation is low; however, if reached, the impact is a full system crash. The most efficient attack represents an active local privileged exploitation scenario with direct manipulation of kernel memory or the CPU mask functions.

Generated by OpenCVE AI on May 6, 2026 at 14:44 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Incorporate the supporting patch that adds a check for NUMA_NO_NODE into cpumask_of_node() before updating the kernel
  • Upgrade to a recent kernel release that includes the LoongArch cpumask_of_node fix
  • If an immediate kernel update cannot be applied, reconfigure the system to avoid creating or using NUMA_NO_NODE entries, or disable NUMA support for LoongArch to reduce the attack surface

Generated by OpenCVE AI on May 6, 2026 at 14:44 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 06 May 2026 15:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-119

Wed, 06 May 2026 12:15:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: LoongArch: Make cpumask_of_node() robust against NUMA_NO_NODE The arch definition of cpumask_of_node() cannot handle NUMA_NO_NODE - which is a valid index - so add a check for this.
Title LoongArch: Make cpumask_of_node() robust against NUMA_NO_NODE
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-05-06T11:28:15.272Z

Reserved: 2026-05-01T14:12:55.993Z

Link: CVE-2026-43212

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-05-06T12:16:40.687

Modified: 2026-05-06T13:07:51.607

Link: CVE-2026-43212

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-06T19:15:10Z

Weaknesses