Skip to main content

Linux Kernel EUVDEUVD-2026-27818

| CVE-2026-43257 MEDIUM
Missing Release of Resource after Effective Lifetime (CWE-772)
2026-05-06 Linux GHSA-j6r6-35jf-jm62
5.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
SUSE
MEDIUM
qualitative
Red Hat
5.5 MEDIUM
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

4
Analysis Generated
May 11, 2026 - 20:30 vuln.today
CVSS changed
May 11, 2026 - 18:22 NVD
5.5 (MEDIUM)
Patch available
May 06, 2026 - 13:32 EUVD
CVE Published
May 06, 2026 - 11:28 nvd
MEDIUM 5.5

DescriptionCVE.org

In the Linux kernel, the following vulnerability has been resolved:

media: cx88: Add missing unmap in snd_cx88_hw_params()

In error path, add cx88_alsa_dma_unmap() to release resource acquired by cx88_alsa_dma_map().

AnalysisAI

Denial of service in Linux kernel media cx88 driver allows local authenticated attackers to exhaust system resources by triggering a missing DMA unmapping in the snd_cx88_hw_params() error path. The vulnerability causes resource leaks when audio hardware parameter initialization fails, potentially rendering the audio subsystem unavailable. CVSS 5.5 reflects local attack vector with low complexity; EPSS 0.02% indicates minimal real-world exploitation probability despite vendor-released patches across multiple kernel versions.

Technical ContextAI

The cx88 driver handles Conexant CX2388x TV tuner and audio capture hardware. The vulnerability exists in the snd_cx88_hw_params() function within the ALSA (Advanced Linux Sound Architecture) audio subsystem integration. When DMA mapping via cx88_alsa_dma_map() succeeds but subsequent hardware parameter configuration fails, the error path fails to invoke cx88_alsa_dma_unmap() to release acquired DMA resources. This resource leak (CWE-772: Missing Release of Resource after Effective Lifetime) accumulates across failed initialization attempts, eventually exhausting system memory or DMA memory pools needed for normal audio operation. The affected code path is reachable only through ALSA device file descriptors that require local system access and non-root privileges to open.

RemediationAI

Apply kernel update to a patched version: Linux 6.6.128, 6.12.75, 5.15.202, 5.10.252, 6.1.165, 6.18.16, or 6.19.6 depending on the active kernel series in your environment. The fix involves adding a single cx88_alsa_dma_unmap() call to the snd_cx88_hw_params() error path in drivers/media/pci/cx88/cx88-alsa.c. For systems unable to immediately patch, the primary compensating control is to restrict local user access to ALSA audio device files (/dev/snd/*) via file permission changes or AppArmor/SELinux policies - this eliminates the PR:L requirement and prevents non-privileged users from triggering the vulnerability. Kernel module blacklisting (modprobe cx88_alsa blacklist) is a second-order control if cx88 hardware is not in use. No upstream workaround config option is available; patching remains the definitive remediation.

Vendor StatusVendor

SUSE

Severity: Medium
Product Status
SUSE Linux Enterprise Desktop 15 SP7 Fixed
SUSE Linux Enterprise Desktop 15 SP7 Fixed
SUSE Linux Enterprise High Availability Extension 15 SP7 Fixed
SUSE Linux Enterprise High Availability Extension 15 SP7 Fixed
SUSE Linux Enterprise High Performance Computing 15 SP7 Fixed

Share

EUVD-2026-27818 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy