CVE-2026-23387

HIGH

pinctrl: cirrus: cs42l43: Fix double-put in cs42l43_pin_probe()

Title source: cna

Description

In the Linux kernel, the following vulnerability has been resolved: pinctrl: cirrus: cs42l43: Fix double-put in cs42l43_pin_probe() devm_add_action_or_reset() already invokes the action on failure, so the explicit put causes a double-put.

References (5)

https://git.kernel.org/stable/c/95b14ecc56881dd9a187e1e84dd0daa88ff22c5d

https://git.kernel.org/stable/c/188ba3468cb7c098c62609d82e9fc58d29ead7f4

https://git.kernel.org/stable/c/ea07fcfbba4301839db3784f09955d9fa3e98090

https://git.kernel.org/stable/c/1e0465139fd9caee7ffefe285ef7d5f21919e474

https://git.kernel.org/stable/c/fd5bed798f45eb3a178ad527b43ab92705faaf8a

Scores

CVSS v3 7.8

EPSS 0.0001

EPSS Percentile 3.4%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-415

Status published

Products (21)

linux/Kernel < 6.6.130linux

linux/Kernel 6.13.0 - 6.18.17linux

linux/Kernel 6.18.0 - 6.19.7linux

linux/Kernel 6.7.0 - 6.12.77linux

Linux/Linux < 6.18

Linux/Linux 36f91eeffd03f5c52406e0c4e2e0fb040307d00c - 188ba3468cb7c098c62609d82e9fc58d29ead7f4

Linux/Linux 6.12.77 - 6.12.*

Linux/Linux 6.18

Linux/Linux 6.18.17 - 6.18.*

Linux/Linux 6.19.7 - 6.19.*

... and 11 more

Published Mar 25, 2026

Tracked Since Mar 25, 2026