CVE-2026-43004

Published: May 1, 2026Modified: May 12, 2026

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

In the Linux kernel, the following vulnerability has been resolved: spi: stm32-ospi: Fix resource leak in remove() callback The remove() callback returned early if pm_runtime_resume_and_get() failed, skipping the cleanup of spi controller and other resources. Remove the early return so cleanup completes regardless of PM resume result.

Affected (8)

Products: Linux: Linux Kernel

Linux

1 product

Linux Kernel

Configuration A

8 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	From 6.15 to 6.18.22
Linux Linux Kernel	From 6.19 to 6.19.12
Linux Linux Kernel	Version 7.0 rc1
Linux Linux Kernel	Version 7.0 rc2
Linux Linux Kernel	Version 7.0 rc3
Linux Linux Kernel	Version 7.0 rc4
Linux Linux Kernel	Version 7.0 rc5
Linux Linux Kernel	Version 7.0 rc6

References (3)

https://git.kernel.org/stable/c/0807532c5ebb72751bfe773e6ae79db0e9c57ab9

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/73cd1f97946ae3796544448ff12c07f399bb2881

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/b4ec54c974c6ea68b309989dcc3d3511068f45f3

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

Timeline

No history available yet.