CVE-2026-43410

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A NULL pointer dereference occurs in the stratix10-rsu firmware driver when Remote System Update (RSU) is disabled in the First Stage Boot Loader (FSBL). The issue arises because the rsu send async msg() function fails, leading the channel to be freed via stratix10 svc free channel(). Despite this failure, the probe function continues and registers the svc normal to secure thread() function, which then attempts to access the freed channel, resulting in a kernel panic.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.