5.5
CVE-2026-43122
- EPSS 0.02%
- Veröffentlicht 06.05.2026 11:27:08
- Zuletzt bearbeitet 12.05.2026 21:17:44
- CVE-Watchlists
- Unerledigt
ACPI: processor: Update cpuidle driver check in __acpi_processor_start()
In the Linux kernel, the following vulnerability has been resolved:
ACPI: processor: Update cpuidle driver check in __acpi_processor_start()
Commit 7a8c994cbb2d ("ACPI: processor: idle: Optimize ACPI idle
driver registration") moved the ACPI idle driver registration to
acpi_processor_driver_init() and acpi_processor_power_init() does
not register an idle driver any more.
Accordingly, the cpuidle driver check in __acpi_processor_start() needs
to be updated to avoid calling acpi_processor_power_init() without a
cpuidle driver, in which case the registration of the cpuidle device
in that function would lead to a NULL pointer dereference in
__cpuidle_register_device().Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 6.18 < 6.18.14
Linux ≫ Linux Kernel Version >= 6.19 < 6.19.4
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.02% | 0.032 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-476 NULL Pointer Dereference
The product dereferences a pointer that it expects to be valid but is NULL.
https://git.kernel.org/stable/c/68f38f648e4b5bed2aeadd2f711e25302e6490f8
https://git.kernel.org/stable/c/6cfed39c2ce64ac024bbde458a9727105e0b8c66
https://git.kernel.org/stable/c/0089ce1c056aee547115bdc25c223f8f88c08498