{
  "affected": [
    {
      "ranges": [
        {
          "events": [
            {
              "introduced": "b69a2afd5afce9bf6d56e349d6ab592c916e20f2"
            },
            {
              "fixed": "37f18915a261afe84dab462624ed829cddb77a9b"
            },
            {
              "fixed": "22e460b6333a5f818b042ac89201f8e735556f4a"
            },
            {
              "fixed": "7e2476057950c174c7b2c2802246707bbfb497e4"
            },
            {
              "fixed": "f8f73bf0f8a57ee9b86792456bd42079bc98c6b7"
            },
            {
              "fixed": "d4a132f121c591b60dbaf57ea91f1faf11631fbc"
            },
            {
              "fixed": "4d7a8f5f28187e3d2958b2a134473da2665207e7"
            },
            {
              "fixed": "c5489d04337b47e93c0623e8145fcba3f5739efd"
            }
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "type": "GIT"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Linux",
        "name": "Kernel"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "6.0.0"
            },
            {
              "fixed": "6.1.165"
            }
          ],
          "type": "ECOSYSTEM"
        },
        {
          "events": [
            {
              "introduced": "6.2.0"
            },
            {
              "fixed": "6.6.128"
            }
          ],
          "type": "ECOSYSTEM"
        },
        {
          "events": [
            {
              "introduced": "6.7.0"
            },
            {
              "fixed": "6.6.143"
            },
            {
              "fixed": "6.12.75"
            }
          ],
          "type": "ECOSYSTEM"
        },
        {
          "events": [
            {
              "introduced": "6.13.0"
            },
            {
              "fixed": "6.18.16"
            }
          ],
          "type": "ECOSYSTEM"
        },
        {
          "events": [
            {
              "introduced": "6.19.0"
            },
            {
              "fixed": "6.19.6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "database_specific": {
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/43xxx/CVE-2026-43240.json"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/kexec: add a sanity check on previous kernel's ima kexec buffer\n\nWhen the second-stage kernel is booted via kexec with a limiting command\nline such as \"mem=\u003csize\u003e\", the physical range that contains the carried\nover IMA measurement list may fall outside the truncated RAM leading to a\nkernel panic.\n\n    BUG: unable to handle page fault for address: ffff97793ff47000\n    RIP: ima_restore_measurement_list+0xdc/0x45a\n    #PF: error_code(0x0000) – not-present page\n\nOther architectures already validate the range with page_is_ram(), as done\nin commit cbf9c4b9617b (\"of: check previous kernel's ima-kexec-buffer\nagainst memory bounds\") do a similar check on x86.\n\nWithout carrying the measurement list across kexec, the attestation\nwould fail.",
  "id": "CVE-2026-43240",
  "modified": "2026-07-15T01:49:16.079524172Z",
  "published": "2026-05-06T11:28:34.269Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/22e460b6333a5f818b042ac89201f8e735556f4a"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/37f18915a261afe84dab462624ed829cddb77a9b"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/4d7a8f5f28187e3d2958b2a134473da2665207e7"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/7e2476057950c174c7b2c2802246707bbfb497e4"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/c5489d04337b47e93c0623e8145fcba3f5739efd"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/d4a132f121c591b60dbaf57ea91f1faf11631fbc"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/f8f73bf0f8a57ee9b86792456bd42079bc98c6b7"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/43xxx/CVE-2026-43240.json"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-43240"
    },
    {
      "type": "PACKAGE",
      "url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"
    }
  ],
  "schema_version": "1.8.0",
  "summary": "x86/kexec: add a sanity check on previous kernel's ima kexec buffer"
}