CVE-2026-43346

Published: May 8, 2026Modified: May 15, 2026

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

In the Linux kernel, the following vulnerability has been resolved: ice: ptp: don't WARN when controlling PF is unavailable In VFIO passthrough setups, it is possible to pass through only a PF which doesn't own the source timer. In that case the PTP controlling PF (adapter->ctrl_pf) is never initialized in the VM, so ice_get_ctrl_ptp() returns NULL and triggers WARN_ON() in ice_ptp_setup_pf(). Since this is an expected behavior in that configuration, replace WARN_ON() with an informational message and return -EOPNOTSUPP.

Affected (10)

Products: Linux: Linux Kernel

Linux

1 product

Linux Kernel

Configuration A

10 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	From 6.12.11 to 6.13
Linux Linux Kernel	From 6.13 to 6.18.24
Linux Linux Kernel	From 6.19 to 6.19.14
Linux Linux Kernel	Version 7.0 rc1
Linux Linux Kernel	Version 7.0 rc2
Linux Linux Kernel	Version 7.0 rc3
Linux Linux Kernel	Version 7.0 rc4
Linux Linux Kernel	Version 7.0 rc5
Linux Linux Kernel	Version 7.0 rc6
Linux Linux Kernel	Version 7.0 rc7

Related CWEs

CWE-617

Reachable Assertion

The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.

References (3)

https://git.kernel.org/stable/c/bb3f21edc7056cdf44a7f7bd7ba65af40741838c

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/c73f365707d3b1b78b7d16e1f029020d1ae50d0f

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/e19675b384e9dcaca1bd5e4a67b8ad136eccfbe8

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

Timeline

No history available yet.