PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-43345 Git CVE debrief

CVE-2026-43345 is a Linux kernel availability issue in the IPA/GSI path for IPA v5.0+. A register-definition mistake left the event ring index unprogrammed, so transfer completions could stop signaling entirely. In practice, that could make gsi_channel_trans_quiesce() wait forever and hang runtime suspend, system suspend, remoteproc stop, and the IPA data path itself.

Vendor
Git
Product
Unknown
CVSS
HIGH 7.5
CISA KEV
Not listed in stored evidence
Original CVE published
2026-05-08
Original CVE updated
2026-05-11
Advisory published
2026-05-08
Advisory updated
2026-05-11

Who should care

Linux kernel maintainers and distributors, especially teams shipping IPA-enabled embedded or mobile platforms using IPA v5.0+ code paths. Operators should pay attention if systems rely on suspend/resume, remoteproc control, or any workflow that quiesces GSI channels.

Technical summary

The CVE description says the event ring index field moved from CH_C_CNTXT_0 to CH_C_CNTXT_1 in IPA v5.0+. The v5.0 register definition used the old identifier ERINDEX instead of CH_ERINDEX in the CH_C_CNTXT_1 fmask array. As a result, no valid event ring was programmed for GSI channels, transfer completions were never signaled, and gsi_channel_trans_quiesce() could block indefinitely in wait_for_completion(). The NVD record assigns CVSS 3.1 vector AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H.

Defensive priority

High

Recommended defensive actions

  • Apply the upstream/stable Linux kernel fix referenced by the kernel.org stable commit links in the CVE record.
  • Prioritize deployment on systems using IPA v5.0+ paths, especially where suspend/resume, remoteproc, or IPA data-path quiesce operations are exercised.
  • Validate that the kernel build includes the corrected CH_ERINDEX programming for the event ring index field.
  • Monitor devices for indefinite hangs during runtime suspend, system suspend, or remoteproc stop, and treat repeated stalls as a kernel regression until patched.
  • If immediate patching is not possible, reduce exposure by avoiding affected IPA/GSI quiesce paths where operationally feasible.

Evidence notes

This debrief is based on the CVE description, the NVD record, and the CVE metadata provided in the source corpus. The supplied CVE description explicitly states the CH_C_CNTXT_1 field mapping error, the resulting lack of a valid event ring, and the observed hang behavior. The NVD metadata supplies the CVSS 3.1 vector AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H and a 2026-05-08 publication time with a 2026-05-11 modification time. No additional claims were taken from the linked kernel.org commits beyond their presence as remediation references.

Official resources

Publicly disclosed in the CVE/NVD record on 2026-05-08 and updated on 2026-05-11; timing above uses the supplied CVE published and modified timestamps.