CVE-2026-43355

MEDIUM

iio: light: bh1780: fix PM runtime leak on error path

Title source: cna
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: iio: light: bh1780: fix PM runtime leak on error path Move pm_runtime_put_autosuspend() before the error check to ensure the PM runtime reference count is always decremented after pm_runtime_get_sync(), regardless of whether the read operation succeeds or fails.

Scores

CVSS v3 5.5
EPSS 0.0012
EPSS Percentile 2.4%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-401
Status published
Products (27)
linux/Kernel 4.7.0 - 5.10.253linux
linux/Kernel 5.11.0 - 5.15.211linux
linux/Kernel 5.16.0 - 6.1.167linux
linux/Kernel 6.13.0 - 6.18.19linux
linux/Kernel 6.19.0 - 6.19.9linux
linux/Kernel 6.2.0 - 6.6.130linux
linux/Kernel 6.7.0 - 6.12.95linux
Linux/Linux < 4.7
Linux/Linux 1f0477f18306c018a954e4f333690a9d0f7efc76 - 1eb3af4f59e09323788860a9155e9766b12891e5
Linux/Linux 1f0477f18306c018a954e4f333690a9d0f7efc76 - 33661bfc85c14836bfef4425a74b0ca2df4bb5ad
... and 17 more
Published May 08, 2026
Tracked Since May 08, 2026