CVE-2026-53343 - ARM: 9475/1: entry: use byte load for KASAN VMAP stack shadow

AI Predicted 5.3 Difficulty: Theoretical EPSS 0.16% · P6

Possible ATT&CK Techniques (1, AI-predicted)

T1203 · Exploitation for Client Execution

Affected Version Matrix (17 rows)

| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 8fe148d39c127de3fb78dfa6da95a3608dfda454 < c0b8c148a7754826156993ed6442d31536ec86b4 | affected |
| Linux | Linux | ef21187c0672a2b2cbec44f33bab9ec47d5c277c < c2e3aadc8fef7da068490597fc5582f8f362aeb2 | affected |
| Linux | Linux | c86d26b4b089ca294b3b7d915a7da61edb77935f < c74990828d3c486ee44aaa68240eb3abff289d1c | affected |
| Linux | Linux | 44e9a3bb76e5f2eecd374c8176b2c5163c8bb2e2 < 517720913bd3c17a52cd55a740064f68455ab88e | affected |
| Linux | Linux | 44e9a3bb76e5f2eecd374c8176b2c5163c8bb2e2 < 2a4dc9a0ac3326e79fb58fdaae724b92127709a9 | affected |
| Linux | Linux | 44e9a3bb76e5f2eecd374c8176b2c5163c8bb2e2 < 77a1f6883dc6e837bb2cb30b9b02e2f94338e2c6 | affected |
| Linux | Linux | 6.1.120 < 6.1.176 | affected |
| Linux | Linux | 6.6.64 < 6.6.143 | affected |
… +9 more rows

I. Basic Information for CVE-2026-53343

Vulnerability Information


Vulnerability Title
ARM: 9475/1: entry: use byte load for KASAN VMAP stack shadow
Source: NVD (National Vulnerability Database)
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved:

ARM: 9475/1: entry: use byte load for KASAN VMAP stack shadow

Commit 44e9a3bb76e5 ("ARM: 9430/1: entry: Do a dummy read from VMAP shadow") added a dummy read from the KASAN VMAP stack shadow in __switch_to(). The read uses ldr, but the KASAN shadow address is byte-granular and is not guaranteed to be word aligned.

ARMv5 faults unaligned word loads. With CONFIG_KASAN_VMALLOC and CONFIG_VMAP_STACK enabled, ARM926/VersatilePB crashes in __switch_to() with an alignment exception before reaching init.

Use ldrb for the dummy shadow access. The code only needs to fault in the shadow mapping if the stack shadow is missing, so a byte load is sufficient and matches the granularity of KASAN shadow memory.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Linux kernel security vulnerability
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
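Linux kernel is an open-source operating system kernel from the Linux Foundation (USA). Linux kernel version 6.13 contains a security vulnerability that stems from the KASAN VMAP stack shadow read using a word load instead of a byte load, which causes the unaligned load to trigger an alignment exception on ARMv5 and may crash the system.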
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

| Vendor | Product | Affected Versions | CPE |
|---|---|---|---|
| Linux | Linux | 8fe148d39c127de3fb78dfa6da95a3608dfda454 ~ c0b8c148a7754826156993ed6442d31536ec86b4 | - |
| Linux | Linux | 6.13 | - |

II. Public POCs for CVE-2026-53343


No public POC found.


III. Intelligence Information for CVE-2026-53343


Patches & Fixes for CVE-2026-53343 (5)

Same Patch Batch · Linux · 2026-07-01 · 31 CVEs total

CVE-2026-53339 - i2c: qcom-cci: Fix NULL pointer dereference in cci_remove()
CVE-2026-53326 - debugobjects: Don't call fill_pool() in early boot hardirq context
CVE-2026-53327 - debugobjects: Do not fill_pool() if pi_blocked_on
CVE-2026-53328 - sched_ext: Don't warn on NULL cgrp_moving_from in scx_cgroup_move_task()
CVE-2026-53329 - drm/amd/display: Use krealloc_array() in dal_vector_reserve()
CVE-2026-53330 - drm/amd/display: Fix out-of-bounds read in dp_get_eq_aux_rd_interval()
CVE-2026-53331 - slimbus: qcom-ngd-ctrl: Avoid ABBA on tx_lock/ctrl->lock
CVE-2026-53332 - slimbus: qcom-ngd-ctrl: Register callbacks after creating the ngd
CVE-2026-53334 - mm/damon/reclaim: handle ctx allocation failure
CVE-2026-53333 - mm/mincore: handle non-swap entries before !CONFIG_SWAP guard
CVE-2026-53335 - mm/damon/lru_sort: handle ctx allocation failure
CVE-2026-53336 - nvmem: layouts: onie-tlv: fix hang on unknown types
CVE-2026-53337 - net: bonding: fix NULL pointer dereference in bond_do_ioctl()
CVE-2026-53338 - net: airoha: Add NULL check for of_reserved_mem_lookup() in airoha_qdma_init_hfwd_queues()
CVE-2026-53340 - i2c: imx: fix clock and pinctrl state inconsistency in runtime PM
CVE-2026-53356 - drm/i915/gem: Fix phys BO pread/pwrite with offset
CVE-2026-53342 - arm64: mm: call pagetable dtor when freeing hot-removed page tables
CVE-2026-53341 - fhandle: fix UAF due to unlocked ->mnt_ns read in may_decode_fh()
CVE-2026-53344 - pinctrl: mcp23s08: Initialize mcp->dev and mcp->addr before regmap init
CVE-2026-53345 - KVM: Don't WARN if memory is dirtied without a vCPU when the VM is dying

Showing top 20 of 31 CVEs. View all on vendor page →
