CVE-2026-43486
mediumCVSS v3 Base Score
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS Score
0.0%
Exploitation probability in 30 days
Top 93% most likely to be exploited
Attack Characteristics
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Confidentiality
None
Integrity
None
Availability
High
Vulnerability Report
Generated by CyberWatcher
Description
A flaw was found in the Linux kernel. The `contpte_ptep_set_access_flags()` function, responsible for managing contiguous page table entries (CONT PTEs) on ARM64 architectures, incorrectly determines when an access flag update is a no-op. This can occur when a sibling page table entry's dirty bit causes the target entry to appear already updated. Consequently, page-table walkers, such as those in a System Memory Management Unit (SMMU) or Address Translation Services (ATS), can enter an infinite fault loop, leading to a system crash and a Denial of Service (DoS).
CWE
CWE-835Affected Products
Red Hat Enterprise Linux 10Red Hat Enterprise Linux 6Red Hat Enterprise Linux 7Red Hat Enterprise Linux 8Red Hat Enterprise Linux 9