CVE-2026-43014
Analyzed Analyzed - Analysis Complete
Linux Kernel Clock Rate Leak in MACB Driver

Publication date: 2026-05-01

Last updated on: 2026-05-07

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: net: macb: properly unregister fixed rate clocks The additional resources allocated with clk_register_fixed_rate() need to be released with clk_unregister_fixed_rate(), otherwise they are lost.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-01
Last Modified
2026-05-07
Generated
2026-06-16
AI Q&A
2026-05-02
EPSS Evaluated
2026-06-15
NVD
CVE-2026-43014
EUVD
EUVD-2026-26613
Affected Vendors & Products
Showing 13 associated CPEs
Vendor Product Version / Range
linux linux_kernel 7.0
linux linux_kernel 7.0
linux linux_kernel 7.0
linux linux_kernel 7.0
linux linux_kernel 7.0
linux linux_kernel 7.0
linux linux_kernel From 5.11 (inc) to 5.15.203 (exc)
linux linux_kernel From 6.13 (inc) to 6.18.22 (exc)
linux linux_kernel From 5.16 (inc) to 6.1.168 (exc)
linux linux_kernel From 6.19 (inc) to 6.19.12 (exc)
linux linux_kernel From 6.7 (inc) to 6.12.81 (exc)
linux linux_kernel From 6.2 (inc) to 6.6.134 (exc)
linux linux_kernel From 4.10 (inc) to 5.10.253 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Mitigation Strategies

To mitigate this vulnerability, ensure that your Linux kernel is updated to a version where the issue with clk_unregister_fixed_rate() has been resolved.

This involves applying the patch or upgrading to a kernel version released after 2026-05-01 that properly unregisters fixed rate clocks in the macb network driver.

Executive Summary

This vulnerability in the Linux kernel involves the net: macb component where fixed rate clocks registered with clk_register_fixed_rate() were not properly unregistered using clk_unregister_fixed_rate().

Because the additional resources allocated during the clock registration were not released, they are lost, which indicates a resource management issue.

Impact Analysis

The impact of this vulnerability is related to resource leakage in the Linux kernel's clock management subsystem.

If resources allocated by clk_register_fixed_rate() are not properly released, it could lead to resource exhaustion or instability in the system over time.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-43014. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart