CVE-2026-43434

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description An issue exists in Rust Binder where the system fails to verify ownership before using a Virtual Memory Area (VMA). When installing or zapping missing pages, Rust Binder looks up the VMA by address; however, if the VMA is closed and replaced by another at the same address, pages may be installed into the incorrect VMA. If a page is installed into a writable VMA, it allows writing to binder pages that are typically read-only, which can lead to further security complications.

Recommendations Store a pointer in vm private data and verify that the VMA returned by vma lookup() possesses the correct vm ops and vm private data before use.