AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2026-43258: In the Linux kernel, the following vulnerability has been resolved: alpha: fix user-space corruption during memory comp

infovulnerability

security

Source: NVD/CVE DatabaseMay 6, 2026CVE-2026-43258

Summary

Alpha Linux systems experience random user-space crashes and memory corruption when memory compaction (a process that reorganizes memory to reduce fragmentation) is enabled, with symptoms including segmentation faults and heap errors. The problem stems from incomplete TLB shootdown (flushing stale memory address translations across processors) during page migration, which Alpha's standard cache coherency method cannot fully prevent. The fix introduces a specialized migration helper that combines MM context invalidation, immediate per-CPU TLB flushing, and cross-CPU synchronization, along with updates to other memory functions for correct multi-processor memory ordering.

Solution / Mitigation

Introduce a migration-specific helper that combines: MM context invalidation (ASN rollover), immediate per-CPU TLB invalidation (TBI), and synchronous cross-CPU shootdown when required. Additionally, update flush_tlb_other() and pte_clear() to use READ_ONCE()/WRITE_ONCE() for correct SMP memory ordering.

Vulnerability Details

EPSS (30-day exploit probability)

EPSS: 0.0%

Disclosure Date

May 6, 2026

Classification

Attack SophisticationModerate

Monthly digest — independent AI security research

Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-43258

First tracked: May 6, 2026 at 02:07 PM

Classified by LLM (prompt v3) · confidence: 95%