CVE-2026-43313
Published: May 8, 2026
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: ACPI: processor: Fix NULL-pointer dereference in acpi_processor_errata_piix4() In acpi_processor_errata_piix4(), the pointer dev is first assigned an IDE device and then reassigned an ISA device: dev = pci_get_subsys(..., PCI_DEVICE_ID_INTEL_82371AB, ...); dev = pci_get_subsys(..., PCI_DEVICE_ID_INTEL_82371AB_0, ...); If the first lookup succeeds but the second fails, dev becomes NULL. This leads to a potential null-pointer dereference when dev_dbg() is called: if (errata.piix4.bmisx) dev_dbg(&dev->dev, ...); To prevent this, use two temporary pointers and retrieve each device independently, avoiding overwriting dev with a possible NULL value. [ rjw: Subject adjustment, added an empty code line ]
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - < 06724a60cfa9767ea90b0f5d3dfb5cdd251b64f5affected 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - < ad86ac604f8391c0212a91412d4f764c7a85f254affected 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - < 01e8751b37a366b1ca561add0042f2ceb18c03bfaffected 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - < b803811485ac0b2f774b6bf3abc8b999ba3b7033affected 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - < 29f60d3d06818d40118a30d663231f027ae87a05+2 more versions |
Linux | Linux | affected 2.6.12unaffected 0 - < 2.6.12unaffected 5.15.202 - <= 5.15.*unaffected 6.1.165 - <= 6.1.*unaffected 6.6.128 - <= 6.6.*+4 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now