CVE-2026-43014
Linux Kernel Clock Rate Leak in MACB Driver
Publication date: 2026-05-01
Last updated on: 2026-05-01
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux_kernel | linux_kernel | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in the Linux kernel involves the net: macb component where fixed rate clocks registered with clk_register_fixed_rate() were not properly unregistered using clk_unregister_fixed_rate().
Because the additional resources allocated during the clock registration were not released, they are lost, which indicates a resource management issue.
How can this vulnerability impact me? :
The impact of this vulnerability is related to resource leakage in the Linux kernel's clock management subsystem.
If resources allocated by clk_register_fixed_rate() are not properly released, it could lead to resource exhaustion or instability in the system over time.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, ensure that your Linux kernel is updated to a version where the issue with clk_unregister_fixed_rate() has been resolved.
This involves applying the patch or upgrading to a kernel version released after 2026-05-01 that properly unregisters fixed rate clocks in the macb network driver.