CVE-2026-43485 Overview
CVE-2026-43485 is a Linux kernel issue in the nouveau/gsp driver, specifically within the GPU System Processor (GSP) ACPI probe paths. The kernel issued WARN_ON macros that triggered frequently during ACPI probe routines without an actionable remediation path. Maintainers resolved the issue by removing the WARN_ON calls, since the conditions are considered harmless. The change reduces kernel log noise and avoids unnecessary stack traces on systems using NVIDIA GPUs supported by the nouveau driver. The issue carries an unknown severity classification and has no recorded CWE or CVSS vector at this time.
Critical Impact
The flaw produces excessive kernel warnings during nouveau GSP ACPI probing, generating log noise rather than a direct security compromise.
Affected Products
- Linux kernel versions containing the nouveau/gsp ACPI probe WARN_ON instrumentation
- Systems using the nouveau open-source NVIDIA GPU driver with GSP firmware support
- Distributions shipping the affected upstream kernel revisions prior to the referenced stable commits
Discovery Timeline
- 2026-05-13 - CVE-2026-43485 published to NVD
- 2026-05-13 - Last updated in NVD database
Technical Details for CVE-2026-43485
Vulnerability Analysis
The issue resides in the nouveau Direct Rendering Manager (DRM) driver, specifically in the GPU System Processor (GSP) subsystem responsible for offloading work to NVIDIA's onboard RISC-V processor. During ACPI probe routines, the driver invoked WARN_ON macros to flag unexpected states.
These assertions fired routinely during normal operation. The kernel community determined the underlying conditions were harmless but had no immediate fix to address the trigger logic. The maintainers therefore removed the WARN_ON instrumentation rather than suppress legitimate warnings elsewhere.
The EPSS score for this issue is 0.017%, reflecting a very low probability of exploitation activity. No known exploit code exists, and the issue is not listed in the CISA Known Exploited Vulnerabilities catalog.
Root Cause
The root cause is overly aggressive use of WARN_ON macros in the nouveau/gsp ACPI probe code paths. The asserted conditions occurred during routine probing without indicating an actual fault. Each WARN_ON trigger emitted a kernel stack trace, polluting logs and potentially tripping panic_on_warn configurations on hardened systems.
Attack Vector
No network or local attack vector has been associated with CVE-2026-43485. The flaw is a kernel logging defect surfaced during normal driver initialization on hardware using the nouveau driver with GSP firmware. Systems configured with panic_on_warn=1 could experience denial of service through kernel panics triggered by the spurious warnings.
For technical details, refer to the upstream patches: Linux Kernel Commit 214b6bd, Linux Kernel Commit 9478c16, and Linux Kernel Commit d1c991c.
Detection Methods for CVE-2026-43485
Indicators of Compromise
- Repeated WARN_ON stack traces referencing nouveau GSP ACPI probe functions in dmesg output
- Unexpected kernel panics on systems configured with panic_on_warn and using the nouveau driver
- High volume of kernel warning messages during boot or GPU initialization on affected kernel versions
Detection Strategies
- Audit kernel build configurations for CONFIG_PANIC_ON_WARN or runtime panic_on_warn sysctl settings on systems running affected kernels
- Review journalctl -k and /var/log/kern.log for nouveau GSP probe warnings to confirm exposure
- Inventory hosts running kernels predating the upstream fix commits to scope patching priorities
Monitoring Recommendations
- Forward kernel logs to a centralized logging or SIEM platform to track warning frequency over time
- Alert on kernel panic events from systems using the nouveau driver to identify systems impacted by spurious warnings
- Track kernel package versions across the fleet to ensure timely application of stable kernel updates
How to Mitigate CVE-2026-43485
Immediate Actions Required
- Apply the upstream stable kernel patches referenced in commits 214b6bd, 9478c16, and d1c991c
- Update to the latest distribution kernel that incorporates the nouveau/gsp WARN_ON removal
- Disable panic_on_warn on affected systems until patches are deployed to prevent unnecessary kernel panics
Patch Information
The fix removes the offending WARN_ON calls in the nouveau/gsp ACPI probe paths. The upstream patches are available in the Linux kernel stable tree under commits 214b6bde0e941a34ba877cf2f26f85d62fb5d598, 9478c166c46934160135e197b049b5a05753f2ad, and d1c991c860496d97044802ea54b30f20db468c1d. Apply the kernel update provided by your Linux distribution maintainer.
Workarounds
- Set sysctl kernel.panic_on_warn=0 at runtime to prevent kernel panics triggered by spurious warnings
- Blacklist the nouveau driver where GPU acceleration is not required, using modprobe.blacklist=nouveau at boot
- Use the proprietary NVIDIA driver as an alternative on affected hardware until kernel patches are applied
# Configuration example
# Disable panic_on_warn at runtime to mitigate spurious WARN_ON panics
sudo sysctl -w kernel.panic_on_warn=0
# Verify current nouveau module status
lsmod | grep nouveau
# Check kernel version and apply distribution updates
uname -r
sudo apt update && sudo apt upgrade linux-image-generic # Debian/Ubuntu
sudo dnf update kernel # Fedora/RHEL
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
