Skip to main content

Linux Kernel CVE-2026-43372

| EUVDEUVD-2026-28678 MEDIUM
2026-05-08 Linux GHSA-qqh8-qfc3-4qg9
5.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
SUSE
MEDIUM
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

4
Analysis Generated
May 15, 2026 - 17:33 vuln.today
CVSS changed
May 15, 2026 - 15:22 NVD
5.5 (MEDIUM)
Patch available
May 08, 2026 - 16:18 EUVD
CVE Published
May 08, 2026 - 14:21 nvd
UNKNOWN (no severity yet)

DescriptionCVE.org

In the Linux kernel, the following vulnerability has been resolved:

net: dsa: microchip: Fix error path in PTP IRQ setup

If request_threaded_irq() fails during the PTP message IRQ setup, the newly created IRQ mapping is never disposed. Indeed, the ksz_ptp_irq_setup()'s error path only frees the mappings that were successfully set up.

Dispose the newly created mapping if the associated request_threaded_irq() fails at setup.

AnalysisAI

Resource leak in Linux kernel's Microchip DSA PTP driver allows local authenticated users with low privileges to cause denial of service through high availability impact. The ksz_ptp_irq_setup() function fails to dispose of newly created IRQ mappings when request_threaded_irq() fails during PTP message IRQ setup, leading to resource exhaustion. Vendor patches available across multiple stable kernel branches (6.6.130, 6.12.78, 6.18.19, 6.19.9, 7.0). EPSS score of 0.02% (5th percentile) indicates very low probability of exploitation in the wild, and no public exploit identified at time of analysis.

Technical ContextAI

This vulnerability affects the Linux kernel's Distributed Switch Architecture (DSA) subsystem, specifically the Microchip KSZ switch driver's Precision Time Protocol (PTP) interrupt handling code. The affected component is responsible for setting up threaded interrupt handlers for PTP message processing in Microchip network switches. When the request_threaded_irq() kernel API call fails during initialization, the code path fails to call irq_dispose_mapping() for the newly created IRQ domain mapping, violating the kernel's resource management contract. This results in IRQ descriptor leakage within the kernel's IRQ subsystem. The vulnerability was introduced in commit d0b8fec8ae50 and affects kernel versions from 6.6 through 6.19 and the 7.0 development tree. CPE identifiers confirm impact across the entire Linux kernel product line during the affected version window. The root cause is improper resource cleanup in error handling paths, a common pattern in kernel driver initialization code where multiple resource allocations occur sequentially and partial failure scenarios must unwind correctly.

RemediationAI

Update to patched Linux kernel versions: 6.6.130 or later for the 6.6.x stable series, 6.12.78 or later for 6.12.x, 6.18.19 or later for 6.18.x, 6.19.9 or later for 6.19.x, or version 7.0 or later for mainline kernels. Patches are available from the Linux stable git repository with fix commits 3704ac6a0d9a (6.6 stable), e80fef36c676 (6.12 stable), 6c58a9fdb0d0 (6.18 stable), c2d1d41e0e8e (6.19 stable), and 99c8c16a4aad (mainline). Full patch references at https://git.kernel.org/stable/. If immediate patching is not feasible, consider disabling PTP functionality on Microchip KSZ switches as a temporary workaround by not loading the ksz_ptp module or using kernel module blacklisting (add 'blacklist ksz_ptp' to /etc/modprobe.d/blacklist.conf), though this eliminates precision time synchronization capabilities and may impact time-sensitive networking applications. For systems not using Microchip switches or PTP features, risk is effectively zero. Standard kernel update procedures apply; reboot required for changes to take effect.

Vendor StatusVendor

SUSE

Severity: Medium
Product Status
SUSE Linux Enterprise Desktop 15 SP7 Fixed
SUSE Linux Enterprise Desktop 15 SP7 Fixed
SUSE Linux Enterprise High Availability Extension 15 SP7 Fixed
SUSE Linux Enterprise High Availability Extension 15 SP7 Fixed
SUSE Linux Enterprise High Performance Computing 15 SP7 Fixed

Share

CVE-2026-43372 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy