CVE-2026-43004

medium

Red Hat

EPSS Score

0.0%

Exploitation probability in 30 days

Top 96% most likely to be exploited

Published: May 1, 2026 (13 days ago)

Last Modified: May 1, 2026

Vendor: Red Hat

Source: REDHAT

Description

A flaw was found in the Linux kernel's stm32-ospi driver. The `remove()` callback, which is intended to clean up resources, could exit prematurely under certain power management conditions. This issue prevents the proper release of SPI controller and other system resources, potentially leading to resource exhaustion. This could allow a local attacker to cause a Denial of Service (DoS).

CWE

CWE-772

Affected Products

Red Hat Enterprise Linux 10Red Hat Enterprise Linux 6Red Hat Enterprise Linux 7Red Hat Enterprise Linux 8Red Hat Enterprise Linux 9

References

🔗 bugzilla.redhat.com 🔗 www.cve.org 🔗 nvd.nist.gov 🔗 lore.kernel.org

CVE-2026-43004

Vulnerability Report

Description

CWE

Affected Products

References