CVE-2026-43240

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> x86/kexec: add a sanity check on previous kernel&amp;#39;s ima kexec buffer<br /> <br /> When the second-stage kernel is booted via kexec with a limiting command<br /> line such as "mem=", the physical range that contains the carried<br /> over IMA measurement list may fall outside the truncated RAM leading to a<br /> kernel panic.<br /> <br /> BUG: unable to handle page fault for address: ffff97793ff47000<br /> RIP: ima_restore_measurement_list+0xdc/0x45a<br /> #PF: error_code(0x0000) – not-present page<br /> <br /> Other architectures already validate the range with page_is_ram(), as done<br /> in commit cbf9c4b9617b ("of: check previous kernel&amp;#39;s ima-kexec-buffer<br /> against memory bounds") do a similar check on x86.<br /> <br /> Without carrying the measurement list across kexec, the attestation<br /> would fail.