CVE-2026-43335

Source
https://cve.org/CVERecord?id=CVE-2026-43335
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-43335.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-43335
Downstream
Published
2026-05-08T13:31:21.623Z
Modified
2026-07-08T08:09:35.958899256Z
Summary
interconnect: qcom: sm8450: Fix NULL pointer dereference in icc_link_nodes()
Details

In the Linux kernel, the following vulnerability has been resolved:

interconnect: qcom: sm8450: Fix NULL pointer dereference in icclinknodes()

The change to dynamic IDs for SM8450 platform interconnects left two links unconverted, fix it to avoid the NULL pointer dereference in runtime, when a pointer to a destination interconnect is not valid:

Unable to handle kernel NULL pointer dereference at virtual address 0000000000000008
<...>
Call trace:
  icc_link_nodes+0x3c/0x100 (P)
  qcom_icc_rpmh_probe+0x1b4/0x528
  platform_probe+0x64/0xc0
  really_probe+0xc4/0x2a8
  __driver_probe_device+0x80/0x140
  driver_probe_device+0x48/0x170
  __device_attach_driver+0xc0/0x148
  bus_for_each_drv+0x88/0xf0
  __device_attach+0xb0/0x1c0
  device_initial_probe+0x58/0x68
  bus_probe_device+0x40/0xb8
  deferred_probe_work_func+0x90/0xd0
  process_one_work+0x15c/0x3c0
  worker_thread+0x2e8/0x400
  kthread+0x150/0x208
  ret_from_fork+0x10/0x20
 Code: 900310f4 911d6294 91008280 94176078 (f94002a0)
 ---[ end trace 0000000000000000 ]---
 Kernel panic - not syncing: Oops: Fatal exception
Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/43xxx/CVE-2026-43335.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
51513bec806fbe1cf9254baed97f115a480bbb53
Fixed
77d22bf3fc5d1bcdee035979b07840c9c2ece8f2
Fixed
dbbd550d7c8d90d3af9fe8a12a9caff077ddb8e3

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-43335.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.19.0
Fixed
6.19.12

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-43335.json"