CVE-2026-43266

A flaw was found in the Linux kernel's handling of Common Platform Error Records CPER for ARM processors. This vulnerability allows a local attacker or malicious firmware to provide a malformed CPER record with an excessively large section length. The kernel then attempts to read data beyond the...

CVE-2026-43266

In the Linux kernel, the following vulnerability has been resolved: EFI/CPER: don't go past the ARM processor CPER record buffer There's a logic inside GHES/CPER to detect if the sectionlength is too small, but it doesn't detect if it is too big. Currently, if the firmware receives an ARM process...

PT-2026-37617

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the APEI/GHES component where the ghes new function fails to properly validate the size of CPER records. While the logic prevents allocating records larger than GHES...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the ghesnew function in APEI GHES not verifying whether the CPER record size exceeds the allocate...