CVE-2026-43440

Published: May 8, 2026

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: net/mana: Null service_wq on setup error to prevent double destroy In mana_gd_setup() error path, set gc->service_wq to NULL after destroy_workqueue() to match the cleanup in mana_gd_cleanup(). This prevents a use-after-free if the workqueue pointer is checked after a failed setup.

Vendor	Product	Versions
Linux	Linux	affected `fa3c2f8d9152344a478abb847081c1b5f84a94f5 - < 59489ce60d7412ed82fb1d8002faa3102dcd4916` affected `a9a7c3203fdc4d4a8d8a7a3b1ed05d2bb4c6e77e - < 6c92392602b451e3869f15ab685f8f650e942b13` affected `f975a0955276579e2176a134366ed586071c7c6a - < 87c2302813abc55c46485711a678e3c312b00666`
Linux	Linux	affected `6.18.16 - < 6.18.19` affected `6.19.6 - < 6.19.9`

References

https://git.kernel.org/stable/c/59489ce60d7412ed82fb1d8002faa3102dcd4916

https://git.kernel.org/stable/c/6c92392602b451e3869f15ab685f8f650e942b13

https://git.kernel.org/stable/c/87c2302813abc55c46485711a678e3c312b00666

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2026-43440

Description

Affected Products

References