CVE-2026-43122

MEDIUM

ACPI: processor: Update cpuidle driver check in __acpi_processor_start()

Title source: cna

Description

In the Linux kernel, the following vulnerability has been resolved: ACPI: processor: Update cpuidle driver check in __acpi_processor_start() Commit 7a8c994cbb2d ("ACPI: processor: idle: Optimize ACPI idle driver registration") moved the ACPI idle driver registration to acpi_processor_driver_init() and acpi_processor_power_init() does not register an idle driver any more. Accordingly, the cpuidle driver check in __acpi_processor_start() needs to be updated to avoid calling acpi_processor_power_init() without a cpuidle driver, in which case the registration of the cpuidle device in that function would lead to a NULL pointer dereference in __cpuidle_register_device().

References (3)

Core 3

Core References

https://git.kernel.org/stable/c/68f38f648e4b5bed2aeadd2f711e25302e6490f8

https://git.kernel.org/stable/c/6cfed39c2ce64ac024bbde458a9727105e0b8c66

https://git.kernel.org/stable/c/0089ce1c056aee547115bdc25c223f8f88c08498

Scores

CVSS v3 5.5

EPSS 0.0001

EPSS Percentile 2.2%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-476

Status published

Products (9)

Linux/Linux < 6.18

Linux/Linux 6.18

Linux/Linux 6.18.14 - 6.18.*

Linux/Linux 6.19.4 - 6.19.*

Linux/Linux 7.0

Linux/Linux 7a8c994cbb2db3c5335cee35fd486557f5aaf7e1 - 0089ce1c056aee547115bdc25c223f8f88c08498

Linux/Linux 7a8c994cbb2db3c5335cee35fd486557f5aaf7e1 - 68f38f648e4b5bed2aeadd2f711e25302e6490f8

Linux/Linux 7a8c994cbb2db3c5335cee35fd486557f5aaf7e1 - 6cfed39c2ce64ac024bbde458a9727105e0b8c66

linux/linux_kernel 6.18 - 6.18.14

Published May 06, 2026

Tracked Since May 06, 2026