CVE-2026-43473

MEDIUM

scsi: mpi3mr: Add NULL checks when resetting request and reply queues

Title source: cna
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Add NULL checks when resetting request and reply queues The driver encountered a crash during resource cleanup when the reply and request queues were NULL due to freed memory. This issue occurred when the creation of reply or request queues failed, and the driver freed the memory first, but attempted to mem set the content of the freed memory, leading to a system crash. Add NULL pointer checks for reply and request queues before accessing the reply/request memory during cleanup

Scores

CVSS v3 5.5
EPSS 0.0011
EPSS Percentile 1.8%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-476
Status published
Products (29)
linux/Kernel 5.17.0 - 6.1.167linux
linux/Kernel 6.13.0 - 6.18.19linux
linux/Kernel 6.19.0 - 6.19.9linux
linux/Kernel 6.2.0 - 6.6.130linux
linux/Kernel 6.7.0 - 6.12.78linux
Linux/Linux < 5.17
Linux/Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 220d7ca70611a73d50ef8e9edac630ed1ececb7c
Linux/Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 78d3f201f8b609928eade53cf03a52df5415aaf7
Linux/Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 7da755e0d02e9ca035065127e108d1fed8950dc8
Linux/Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 7df0296ad4e9253d12c6dbe7f120044dddc95600
... and 19 more
Published May 08, 2026
Tracked Since May 08, 2026