PT-2026-40696 · Git+3 · Kernel+94
Published
2026-05-13
·
Updated
2026-05-15
·
CVE-2026-43489
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
An issue exists in the liveupdate component where the system fails to record the status of failed retrieve attempts on a LUO file. When the
luo retrieve file() function fails, it returns an error without storing the attempt or the error code. This allows userspace to trigger the 'LIVEUPDATE SESSION RETRIEVE FD' ioctl again. Such retries are problematic because the file may be in an unexpected state or serialization data structures may have been freed, leading to potential system instability or crashes when attempting to access or free them again. For instance, a retry might cause the kho restore folio() function to be called on an already restored folio, which is an invalid operation. Additionally, the finish() callback may incorrectly assume a retrieve was never attempted during session close, leading to similar issues with data structure access.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Kernel
Linux
Linux-Allwinner-5.19
Linux-Aws-5.0
Linux-Aws-5.11
Linux-Aws-5.13
Linux-Aws-5.19
Linux-Aws-5.3
Linux-Aws-5.8
Linux-Aws-6.14
Linux-Aws-6.2
Linux-Aws-6.5
Linux-Azure
Linux-Azure-5.11
Linux-Azure-5.13
Linux-Azure-5.19
Linux-Azure-5.3
Linux-Azure-5.8
Linux-Azure-6.11
Linux-Azure-6.2
Linux-Azure-6.5
Linux-Azure-Edge
Linux-Azure-Fde
Linux-Azure-Fde-5.19
Linux-Azure-Fde-6.2
Linux-Bluefield
Linux-Gcp
Linux-Gcp-5.11
Linux-Gcp-5.13
Linux-Gcp-5.19
Linux-Gcp-5.3
Linux-Gcp-5.8
Linux-Gcp-6.11
Linux-Gcp-6.14
Linux-Gcp-6.2
Linux-Gcp-6.5
Linux-Gke
Linux-Gke-4.15
Linux-Gkeop-5.15
Linux-Gke-5.4
Linux-Gkeop
Linux-Hwe
Linux-Hwe-5.11
Linux-Hwe-5.13
Linux-Hwe-5.19
Linux-Hwe-5.8
Linux-Hwe-6.11
Linux-Hwe-6.14
Linux-Hwe-6.2
Linux-Hwe-6.5
Linux-Hwe-Edge
Linux-Intel-5.13
Linux-Intel-Iot-Realtime
Linux-Lowlatency-Hwe-5.19
Linux-Lowlatency-Hwe-6.11
Linux-Lowlatency-Hwe-6.2
Linux-Lowlatency-Hwe-6.5
Linux-Nvidia-6.11
Linux-Nvidia-6.2
Linux-Nvidia-6.5
Linux-Nvidia-7.0
Linux-Nvidia-Bos
Linux-Oem
Linux-Oem-5.10
Linux-Oem-5.13
Linux-Oem-5.14
Linux-Oem-5.17
Linux-Oem-5.6
Linux-Oem-6.0
Linux-Oem-6.1
Linux-Oem-6.11
Linux-Oem-6.14
Linux-Oem-6.5
Linux-Oem-6.8
Linux-Oracle-5.0
Linux-Oracle-5.11
Linux-Oracle-5.13
Linux-Oracle-5.3
Linux-Oracle-5.8
Linux-Oracle-6.14
Linux-Oracle-6.5
Linux-Raspi-Realtime
Linux-Raspi2
Linux-Realtime
Linux-Realtime-6.14
Linux-Riscv
Linux-Riscv-5.11
Linux-Riscv-5.19
Linux-Riscv-5.8
Linux-Riscv-6.14
Linux-Riscv-6.5
Linux-Starfive-5.19
Linux-Starfive-6.2
Linux-Starfive-6.5
Linux Kernel