CVE-2026-43272

ring-buffer: Fix possible dereference of uninitialized pointer

Severity Score

5.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Fix possible dereference of uninitialized pointer There is a pointer head_page in rb_meta_validate_events() which is not
initialized at the beginning of a function. This pointer can be dereferenced
if there is a failure during reader page validation. In this case the control
is passed to "invalid" label where the pointer is dereferenced in a loop. To fix the issue initialize orig_head and head_page before calling
rb_validate_buffer. Found by Linux Verification Center (linuxtesting.org) with SVACE.

*Credits: N/A

CVSS Scores

NISTv3.1 5.5

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2026-05-01 CVE Reserved
2026-05-06 CVE Published
2026-05-11 CVE Updated
2026-05-12 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-476: NULL Pointer Dereference

CAPEC

References (4)

URL	Tag	Source
https://git.kernel.org/stable/c/5f3b6e839f3ceb8d6ef02231ba9b5aca71b8bf55	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/bc77986f3cb7476637052edf2d87137fa39f153d	2026-03-04
https://git.kernel.org/stable/c/d9942396845fef2369478c157b26738fe07142f6	2026-03-04
https://git.kernel.org/stable/c/f1547779402c4cd67755c33616b7203baa88420b	2026-02-19

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.12 < 6.18.16 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.12 < 6.18.16"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.12 < 6.19.6 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.12 < 6.19.6"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.12 < 7.0 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.12 < 7.0"		en		Affected