pinctrl: cirrus: cs42l43: Fix double-put in cs42l43_pin_probe()
Summary
| CVE | CVE-2026-23387 |
|---|---|
| State | PUBLISHED |
| Assigner | Linux |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2026-03-25 11:16:39 UTC |
| Updated | 2026-04-24 18:45:08 UTC |
| Description | In the Linux kernel, the following vulnerability has been resolved: pinctrl: cirrus: cs42l43: Fix double-put in cs42l43_pin_probe() devm_add_action_or_reset() already invokes the action on failure, so the explicit put causes a double-put. |
Risk And Classification
Primary CVSS: v3.1 7.8 HIGH from [email protected]
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Problem Types: CWE-415
CVSS v3.1 Breakdown
Attack Vector
LocalAttack Complexity
LowPrivileges Required
LowUser Interaction
NoneScope
UnchangedConfidentiality
HighIntegrity
HighAvailability
HighCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Linux | Linux Kernel | All | All | All | All |
Vendor Declared Affected Products
| Source | Vendor | Product | Version | Platforms |
|---|---|---|---|---|
| CNA | Linux | Linux | affected 9026f31a520d43cc01eb1c08938fc19efadd78cc 95b14ecc56881dd9a187e1e84dd0daa88ff22c5d git | Not specified |
| CNA | Linux | Linux | affected 36f91eeffd03f5c52406e0c4e2e0fb040307d00c 188ba3468cb7c098c62609d82e9fc58d29ead7f4 git | Not specified |
| CNA | Linux | Linux | affected 9b07cdf86a0b90556f5b68a6b20b35833b558df3 ea07fcfbba4301839db3784f09955d9fa3e98090 git | Not specified |
| CNA | Linux | Linux | affected 9b07cdf86a0b90556f5b68a6b20b35833b558df3 1e0465139fd9caee7ffefe285ef7d5f21919e474 git | Not specified |
| CNA | Linux | Linux | affected 9b07cdf86a0b90556f5b68a6b20b35833b558df3 fd5bed798f45eb3a178ad527b43ab92705faaf8a git | Not specified |
| CNA | Linux | Linux | affected d7adbba9298fd74dde0abed5c93312c08c9e6507 git | Not specified |
| CNA | Linux | Linux | affected 6.18 | Not specified |
| CNA | Linux | Linux | unaffected 6.18 semver | Not specified |
| CNA | Linux | Linux | unaffected 6.6.130 6.6.* semver | Not specified |
| CNA | Linux | Linux | unaffected 6.12.77 6.12.* semver | Not specified |
| CNA | Linux | Linux | unaffected 6.18.17 6.18.* semver | Not specified |
| CNA | Linux | Linux | unaffected 6.19.7 6.19.* semver | Not specified |
| CNA | Linux | Linux | unaffected 7.0 * original_commit_for_fix | Not specified |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| git.kernel.org/stable/c/1e0465139fd9caee7ffefe285ef7d5f21919e474 | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | Patch |
| git.kernel.org/stable/c/ea07fcfbba4301839db3784f09955d9fa3e98090 | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | Patch |
| git.kernel.org/stable/c/95b14ecc56881dd9a187e1e84dd0daa88ff22c5d | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | Patch |
| git.kernel.org/stable/c/188ba3468cb7c098c62609d82e9fc58d29ead7f4 | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | Patch |
| git.kernel.org/stable/c/fd5bed798f45eb3a178ad527b43ab92705faaf8a | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | Patch |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.