{"api_version":"1","generated_at":"2026-04-19T01:13:10+00:00","cve":"CVE-2026-23443","urls":{"html":"https://cve.report/CVE-2026-23443","api":"https://cve.report/api/cve/CVE-2026-23443.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2026-23443","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2026-23443"},"summary":{"title":"ACPI: processor: Fix previous acpi_processor_errata_piix4() fix","description":"In the Linux kernel, the following vulnerability has been resolved:\n\nACPI: processor: Fix previous acpi_processor_errata_piix4() fix\n\nAfter commi f132e089fe89 (\"ACPI: processor: Fix NULL-pointer dereference\nin acpi_processor_errata_piix4()\"), device pointers may be dereferenced\nafter dropping references to the device objects pointed to by them,\nwhich may cause a use-after-free to occur.\n\nMoreover, debug messages about enabling the errata may be printed\nif the errata flags corresponding to them are unset.\n\nAddress all of these issues by moving message printing to the points\nin the code where the errata flags are set.","state":"PUBLISHED","assigner":"Linux","published_at":"2026-04-03 16:16:28","updated_at":"2026-04-18 09:16:27"},"problem_types":[],"metrics":[],"references":[{"url":"https://git.kernel.org/stable/c/2e369ba9eb7b8a06e9cc35a3e7fe73e59272f8c2","name":"https://git.kernel.org/stable/c/2e369ba9eb7b8a06e9cc35a3e7fe73e59272f8c2","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/edf4c2aaee08e8fd503fbae705c801e92a0b55d7","name":"https://git.kernel.org/stable/c/edf4c2aaee08e8fd503fbae705c801e92a0b55d7","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/bf504b229cb8d534eccbaeaa23eba34c05131e25","name":"https://git.kernel.org/stable/c/bf504b229cb8d534eccbaeaa23eba34c05131e25","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/8583f62259e1b315d5239371adfb36939cdab741","name":"https://git.kernel.org/stable/c/8583f62259e1b315d5239371adfb36939cdab741","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/98473309a36acc271009b85e0bb53a4c0dddf5c2","name":"https://git.kernel.org/stable/c/98473309a36acc271009b85e0bb53a4c0dddf5c2","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/e0c470049344e9346fff79d7e2362212c216665e","name":"https://git.kernel.org/stable/c/e0c470049344e9346fff79d7e2362212c216665e","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/68408e8f9e366ad9850a66ac65cb569f13bf6cd4","name":"https://git.kernel.org/stable/c/68408e8f9e366ad9850a66ac65cb569f13bf6cd4","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2026-23443","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-23443","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 06724a60cfa9767ea90b0f5d3dfb5cdd251b64f5 68408e8f9e366ad9850a66ac65cb569f13bf6cd4 git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected ad86ac604f8391c0212a91412d4f764c7a85f254 2e369ba9eb7b8a06e9cc35a3e7fe73e59272f8c2 git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 01e8751b37a366b1ca561add0042f2ceb18c03bf edf4c2aaee08e8fd503fbae705c801e92a0b55d7 git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected b803811485ac0b2f774b6bf3abc8b999ba3b7033 e0c470049344e9346fff79d7e2362212c216665e git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 29f60d3d06818d40118a30d663231f027ae87a05 98473309a36acc271009b85e0bb53a4c0dddf5c2 git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 0398b641be2b66c2fc7e0163c606ef19372e7ad5 8583f62259e1b315d5239371adfb36939cdab741 git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected f132e089fe89cadc2098991f0a3cb05c3f824ac6 bf504b229cb8d534eccbaeaa23eba34c05131e25 git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 5.15.202 5.15.203 semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 6.1.165 6.1.167 semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 6.6.128 6.6.130 semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 6.12.75 6.12.78 semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 6.18.16 6.18.20 semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 6.19.6 6.19.10 semver","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[],"vendor_comments":[],"enrichments":{"kev":null,"epss":{"cve_year":"2026","cve_id":"23443","cve":"CVE-2026-23443","epss":"0.000320000","percentile":"0.090980000","score_date":"2026-04-18","updated_at":"2026-04-19 00:10:43"},"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","product":"Linux","programFiles":["drivers/acpi/acpi_processor.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","vendor":"Linux","versions":[{"lessThan":"68408e8f9e366ad9850a66ac65cb569f13bf6cd4","status":"affected","version":"06724a60cfa9767ea90b0f5d3dfb5cdd251b64f5","versionType":"git"},{"lessThan":"2e369ba9eb7b8a06e9cc35a3e7fe73e59272f8c2","status":"affected","version":"ad86ac604f8391c0212a91412d4f764c7a85f254","versionType":"git"},{"lessThan":"edf4c2aaee08e8fd503fbae705c801e92a0b55d7","status":"affected","version":"01e8751b37a366b1ca561add0042f2ceb18c03bf","versionType":"git"},{"lessThan":"e0c470049344e9346fff79d7e2362212c216665e","status":"affected","version":"b803811485ac0b2f774b6bf3abc8b999ba3b7033","versionType":"git"},{"lessThan":"98473309a36acc271009b85e0bb53a4c0dddf5c2","status":"affected","version":"29f60d3d06818d40118a30d663231f027ae87a05","versionType":"git"},{"lessThan":"8583f62259e1b315d5239371adfb36939cdab741","status":"affected","version":"0398b641be2b66c2fc7e0163c606ef19372e7ad5","versionType":"git"},{"lessThan":"bf504b229cb8d534eccbaeaa23eba34c05131e25","status":"affected","version":"f132e089fe89cadc2098991f0a3cb05c3f824ac6","versionType":"git"}]},{"defaultStatus":"unaffected","product":"Linux","programFiles":["drivers/acpi/acpi_processor.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","vendor":"Linux","versions":[{"lessThan":"5.15.203","status":"affected","version":"5.15.202","versionType":"semver"},{"lessThan":"6.1.167","status":"affected","version":"6.1.165","versionType":"semver"},{"lessThan":"6.6.130","status":"affected","version":"6.6.128","versionType":"semver"},{"lessThan":"6.12.78","status":"affected","version":"6.12.75","versionType":"semver"},{"lessThan":"6.18.20","status":"affected","version":"6.18.16","versionType":"semver"},{"lessThan":"6.19.10","status":"affected","version":"6.19.6","versionType":"semver"}]}],"cpeApplicability":[{"nodes":[{"cpeMatch":[{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"5.15.203","versionStartIncluding":"5.15.202","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.1.167","versionStartIncluding":"6.1.165","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.6.130","versionStartIncluding":"6.6.128","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.12.78","versionStartIncluding":"6.12.75","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.18.20","versionStartIncluding":"6.18.16","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.19.10","versionStartIncluding":"6.19.6","vulnerable":true}],"negate":false,"operator":"OR"}]}],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nACPI: processor: Fix previous acpi_processor_errata_piix4() fix\n\nAfter commi f132e089fe89 (\"ACPI: processor: Fix NULL-pointer dereference\nin acpi_processor_errata_piix4()\"), device pointers may be dereferenced\nafter dropping references to the device objects pointed to by them,\nwhich may cause a use-after-free to occur.\n\nMoreover, debug messages about enabling the errata may be printed\nif the errata flags corresponding to them are unset.\n\nAddress all of these issues by moving message printing to the points\nin the code where the errata flags are set."}],"providerMetadata":{"dateUpdated":"2026-04-18T08:58:56.805Z","orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux"},"references":[{"url":"https://git.kernel.org/stable/c/68408e8f9e366ad9850a66ac65cb569f13bf6cd4"},{"url":"https://git.kernel.org/stable/c/2e369ba9eb7b8a06e9cc35a3e7fe73e59272f8c2"},{"url":"https://git.kernel.org/stable/c/edf4c2aaee08e8fd503fbae705c801e92a0b55d7"},{"url":"https://git.kernel.org/stable/c/e0c470049344e9346fff79d7e2362212c216665e"},{"url":"https://git.kernel.org/stable/c/98473309a36acc271009b85e0bb53a4c0dddf5c2"},{"url":"https://git.kernel.org/stable/c/8583f62259e1b315d5239371adfb36939cdab741"},{"url":"https://git.kernel.org/stable/c/bf504b229cb8d534eccbaeaa23eba34c05131e25"}],"title":"ACPI: processor: Fix previous acpi_processor_errata_piix4() fix","x_generator":{"engine":"bippy-1.2.0"}}},"cveMetadata":{"assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","assignerShortName":"Linux","cveId":"CVE-2026-23443","datePublished":"2026-04-03T15:15:27.698Z","dateReserved":"2026-01-13T15:37:46.018Z","dateUpdated":"2026-04-18T08:58:56.805Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2026-04-03 16:16:28","lastModifiedDate":"2026-04-18 09:16:27","problem_types":[],"metrics":[],"configurations":[]},"legacy_mitre":{"record":{"CveYear":"2026","CveId":"23443","Ordinal":"1","Title":"ACPI: processor: Fix previous acpi_processor_errata_piix4() fix","CVE":"CVE-2026-23443","Year":"2026"},"notes":[{"CveYear":"2026","CveId":"23443","Ordinal":"1","NoteData":"In the Linux kernel, the following vulnerability has been resolved:\n\nACPI: processor: Fix previous acpi_processor_errata_piix4() fix\n\nAfter commi f132e089fe89 (\"ACPI: processor: Fix NULL-pointer dereference\nin acpi_processor_errata_piix4()\"), device pointers may be dereferenced\nafter dropping references to the device objects pointed to by them,\nwhich may cause a use-after-free to occur.\n\nMoreover, debug messages about enabling the errata may be printed\nif the errata flags corresponding to them are unset.\n\nAddress all of these issues by moving message printing to the points\nin the code where the errata flags are set.","Type":"Description","Title":"ACPI: processor: Fix previous acpi_processor_errata_piix4() fix"}]}}}