CVE-2026-43351

Published: May 8, 2026

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Eagerly init vgic dist/redist on vgic creation If vgic_allocate_private_irqs_locked() fails for any odd reason, we exit kvm_vgic_create() early, leaving dist->rd_regions uninitialised. kvm_vgic_dist_destroy() then comes along and walks into the weeds trying to free the RDs. Got to love this stuff. Solve it by moving all the static initialisation early, and make sure that if we fail halfway, we're in a reasonable shape to perform the rest of the teardown. While at it, reset the vgic model on failure, just in case...

Vendor	Product	Versions
Linux	Linux	affected `b3aa9283c0c505b5cfd25f7d6cfd720de2adc807 - < b7493f48c3dba75674a4ee505b4afa8fe5102457` affected `b3aa9283c0c505b5cfd25f7d6cfd720de2adc807 - < a24f1d80fbcdbf8b2a7044a00fa12b3972b4c31c` affected `b3aa9283c0c505b5cfd25f7d6cfd720de2adc807 - < ac6769c8f948dff33265c50e524aebf9aa6f1be0`
Linux	Linux	affected `6.14` unaffected `0 - < 6.14` unaffected `6.18.19 - <= 6.18.` unaffected `6.19.9 - <= 6.19.` unaffected `7.0 - <= *`

References

https://git.kernel.org/stable/c/b7493f48c3dba75674a4ee505b4afa8fe5102457

https://git.kernel.org/stable/c/a24f1d80fbcdbf8b2a7044a00fa12b3972b4c31c

https://git.kernel.org/stable/c/ac6769c8f948dff33265c50e524aebf9aa6f1be0

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2026-43351

Description

Affected Products

References