CVE-2026-43375

Published: May 8, 2026

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: net: mctp: fix device leak on probe failure Driver core holds a reference to the USB interface and its parent USB device while the interface is bound to a driver and there is no need to take additional references unless the structures are needed after disconnect. This driver takes a reference to the USB device during probe but does not to release it on probe failures. Drop the redundant device reference to fix the leak, reduce cargo culting, make it easier to spot drivers where an extra reference is needed, and reduce the risk of further memory leaks.

Vendor	Product	Versions
Linux	Linux	affected `0791c0327a6e4e7691d6fc5ad334c215de04dcc9 - < 3224990fb16a831aabc50b67c74f5d0074ce80dd` affected `0791c0327a6e4e7691d6fc5ad334c215de04dcc9 - < ec9538f9b5cd1db5e8c612aa636b6119b6355c5d` affected `0791c0327a6e4e7691d6fc5ad334c215de04dcc9 - < 224a0d284c3caf1951302d1744a714784febed71`
Linux	Linux	affected `6.15` unaffected `0 - < 6.15` unaffected `6.18.19 - <= 6.18.` unaffected `6.19.9 - <= 6.19.` unaffected `7.0 - <= *`

References

https://git.kernel.org/stable/c/3224990fb16a831aabc50b67c74f5d0074ce80dd

https://git.kernel.org/stable/c/ec9538f9b5cd1db5e8c612aa636b6119b6355c5d

https://git.kernel.org/stable/c/224a0d284c3caf1951302d1744a714784febed71

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2026-43375

Description

Affected Products

References