📄 Description (English)
In the Linux kernel, the following vulnerability has been resolved:
soc: ti: pruss: Fix double free in pruss_clk_mux_setup()
In the pruss_clk_mux_setup(), the devm_add_action_or_reset() indirectly
calls pruss_of_free_clk_provider(), which calls of_node_put(clk_mux_np)
on the error path. However, after the devm_add_action_or_reset()
returns, the of_node_put(clk_mux_np) is called again, causing a double
free.
Fix by returning directly, to avoid the duplicate of_node_put().
🤖 AI Executive Summary
CVE-2026-43196 is a double-free vulnerability in the Linux kernel's TI PRUSS (Programmable Real-Time Unit SubSystem) driver affecting the pruss_clk_mux_setup() function. The vulnerability occurs when devm_add_action_or_reset() indirectly triggers pruss_of_free_clk_provider(), which frees a clock node pointer, followed by a duplicate free operation. While no public exploits are available, this memory corruption vulnerability could lead to kernel crashes or potential privilege escalation on affected systems.
📄 Description (Arabic)
🤖 AI Intelligence Analysis Analyzed: May 12, 2026 01:37
🇸🇦 Saudi Arabia Impact Assessment
This vulnerability primarily affects Saudi organizations running embedded Linux systems and IoT devices utilizing TI PRUSS hardware, particularly in: Energy sector (ARAMCO's industrial control systems and SCADA networks), Government infrastructure (critical systems running embedded Linux), Telecommunications (STC and other operators' network equipment), and Manufacturing/Industrial sectors. The double-free vulnerability could cause denial of service through kernel panics or enable privilege escalation on affected embedded systems managing critical infrastructure.
🏢 Affected Saudi Sectors
Energy (ARAMCO, oil & gas operations)
Government (critical infrastructure)
Telecommunications (STC, Zain, Mobily)
Manufacturing and Industrial Control Systems
Healthcare (embedded medical devices)
Transportation and Logistics
🎯 MITRE ATT&CK Techniques
⚖️ Saudi Risk Score (AI)
6.8
/ 10.0
🔧 Remediation Steps (English)
Immediate Actions:
1. Identify all systems running Linux kernel versions with TI PRUSS driver enabled (check: grep -r 'CONFIG_TI_PRUSS' /boot/config-*)
2. Audit systems using TI PRUSS hardware in production environments
3. Implement kernel module blacklisting if PRUSS is not required: echo 'blacklist pruss' >> /etc/modprobe.d/blacklist.conf
Patching Guidance:
1. Apply the latest stable Linux kernel patch that includes the fix for CVE-2026-43196
2. For systems unable to immediately patch, disable PRUSS driver if not critical to operations
3. Recompile kernel with updated PRUSS driver code or apply backported patch
4. Test patches in non-production environment before deployment
Compensating Controls:
1. Restrict physical access to systems with PRUSS hardware
2. Implement kernel module signing and secure boot to prevent unauthorized driver loading
3. Monitor system logs for kernel panics and memory corruption errors: journalctl -p err
4. Deploy kernel address space layout randomization (ASLR) and stack canaries
Detection Rules:
1. Monitor for kernel oops/panic messages containing 'pruss' or 'clk_mux'
2. Alert on unexpected kernel module unloading/reloading of pruss driver
3. Track memory allocation failures in PRUSS subsystem using kernel tracing
4. Monitor dmesg for 'double free' or 'use-after-free' warnings
🔧 خطوات المعالجة (العربية)
الإجراءات الفورية:
1. تحديد جميع الأنظمة التي تقوم بتشغيل إصدارات نواة لينكس مع تفعيل برنامج تشغيل TI PRUSS
2. تدقيق الأنظمة التي تستخدم أجهزة TI PRUSS في بيئات الإنتاج
3. تنفيذ إدراج وحدة النواة في القائمة السوداء إذا لم تكن PRUSS مطلوبة
إرشادات التصحيح:
1. تطبيق أحدث تصحيح نواة لينكس المستقر الذي يتضمن الإصلاح
2. للأنظمة غير القادرة على التصحيح الفوري، قم بتعطيل برنامج تشغيل PRUSS
3. إعادة تجميع النواة برمز برنامج التشغيل المحدث أو تطبيق التصحيح المرتجع
4. اختبار التصحيحات في بيئة غير الإنتاج قبل النشر
الضوابط التعويضية:
1. تقييد الوصول المادي إلى الأنظمة التي تحتوي على أجهزة PRUSS
2. تنفيذ توقيع وحدة النواة والإقلاع الآمن
3. مراقبة سجلات النظام للأخطاء والانهيارات
4. نشر تعشوية عنوان مساحة النواة والحماية من تجاوز المكدس
قواعد الكشف:
1. مراقبة رسائل انهيار النواة التي تحتوي على 'pruss'
2. التنبيه على تحميل/إعادة تحميل وحدة النواة غير المتوقعة
3. تتبع فشل تخصيص الذاكرة في نظام PRUSS
4. مراقبة dmesg للتحذيرات المتعلقة بالتحرير المزدوج
📋 Regulatory Compliance Mapping
🟢 NCA ECC 2024
ECC 2024 A.12.6.1 - Management of technical vulnerabilities
ECC 2024 A.14.2.1 - Secure development policy
ECC 2024 A.12.2.1 - Monitoring and logging of access
🔵 SAMA CSF
ID.RA-1 - Asset management and vulnerability identification
PR.PT-2 - System and communications protection
DE.CM-1 - Detection and analysis of anomalies
🟡 ISO 27001:2022
A.12.2.1 - Monitoring and logging
A.12.6.1 - Management of technical vulnerabilities
A.14.2.1 - Secure development policy
🔗 References & Sources 8
🔗
https://git.kernel.org/stable/c/04dbbb18cc9c8795c9ff47d8994bc03ebfef9d68
416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
🔗
https://git.kernel.org/stable/c/24c40076e3bc3d73c839c886d6bda1da6c4d9b93
416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
🔗
https://git.kernel.org/stable/c/69aa67c1e22d13e9aad4b08c86304ad8e743dcab
416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
🔗
https://git.kernel.org/stable/c/80db65d4acfb9ff12d00172aed39ea8b98261aad
416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
🔗
https://git.kernel.org/stable/c/818cf66d91c8ef09b01664a12d5f4ea786d64396
416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
🔗
https://git.kernel.org/stable/c/b7db9953c2f8da37de498198623b05b46f8e2ca0
416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
🔗
https://git.kernel.org/stable/c/dbda01bf2dfe5af33163e1e5fca1b82b619c2803
416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
🔗
https://git.kernel.org/stable/c/e113339cc7d23be4948891f3a702e9dce5b47035
416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
📦 Affected Products / CPE 7 entries
linux:linux_kernel
linux:linux_kernel
linux:linux_kernel
linux:linux_kernel
linux:linux_kernel
linux:linux_kernel
linux:linux_kernel