CVE-2026-43313

ACPI: processor: Fix NULL-pointer dereference in acpi_processor_errata_piix4()

Severity Score

"-"

*CVSS v-

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: ACPI: processor: Fix NULL-pointer dereference in acpi_processor_errata_piix4() In acpi_processor_errata_piix4(), the pointer dev is first assigned an IDE
device and then reassigned an ISA device: dev = pci_get_subsys(..., PCI_DEVICE_ID_INTEL_82371AB, ...); dev = pci_get_subsys(..., PCI_DEVICE_ID_INTEL_82371AB_0, ...); If the first lookup succeeds but the second fails, dev becomes NULL. This
leads to a potential null-pointer dereference when dev_dbg() is called: if (errata.piix4.bmisx) dev_dbg(&dev->dev, ...); To prevent this, use two temporary pointers and retrieve each device
independently, avoiding overwriting dev with a possible NULL value. [ rjw: Subject adjustment, added an empty code line ]

*Credits: N/A

CVSS Scores

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2026-05-01 CVE Reserved
2026-05-08 CVE Published
2026-05-12 CVE Updated
2026-05-14 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (8)

URL	Tag	Source
https://git.kernel.org/stable/c/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/06724a60cfa9767ea90b0f5d3dfb5cdd251b64f5	2026-03-04
https://git.kernel.org/stable/c/ad86ac604f8391c0212a91412d4f764c7a85f254	2026-03-04
https://git.kernel.org/stable/c/01e8751b37a366b1ca561add0042f2ceb18c03bf	2026-03-04
https://git.kernel.org/stable/c/b803811485ac0b2f774b6bf3abc8b999ba3b7033	2026-03-04
https://git.kernel.org/stable/c/29f60d3d06818d40118a30d663231f027ae87a05	2026-03-04
https://git.kernel.org/stable/c/0398b641be2b66c2fc7e0163c606ef19372e7ad5	2026-03-04
https://git.kernel.org/stable/c/f132e089fe89cadc2098991f0a3cb05c3f824ac6	2026-01-14

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.12 < 5.15.202 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.12 < 5.15.202"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.12 < 6.1.165 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.12 < 6.1.165"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.12 < 6.6.128 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.12 < 6.6.128"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.12 < 6.12.75 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.12 < 6.12.75"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.12 < 6.18.16 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.12 < 6.18.16"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.12 < 6.19.6 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.12 < 6.19.6"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.12 < 7.0 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.12 < 7.0"		en		Affected