CVE-2026-43183
Resource Leak in Linux Kernel cx25821 Driver
Publication date: 2026-05-06
Last updated on: 2026-05-11
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | From 6.2 (inc) to 6.6.128 (exc) |
| linux | linux_kernel | From 6.7 (inc) to 6.12.75 (exc) |
| linux | linux_kernel | From 6.13 (inc) to 6.18.16 (exc) |
| linux | linux_kernel | From 6.19 (inc) to 6.19.6 (exc) |
| linux | linux_kernel | From 5.11 (inc) to 5.15.202 (exc) |
| linux | linux_kernel | From 5.16 (inc) to 6.1.165 (exc) |
| linux | linux_kernel | From 2.6.32 (inc) to 5.10.252 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-401 | The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a resource leak in the Linux kernel's media driver for cx25821 devices. Specifically, the function cx25821_dev_setup() did not properly release a memory region if the ioremap() call failed. The fix involves adding a call to release_mem_region() to ensure that the memory region obtained by cx25821_get_resources() is released when ioremap() fails.
How can this vulnerability impact me? :
A resource leak in the kernel can lead to inefficient use of system resources, potentially causing system instability or degraded performance over time. If memory regions are not properly released, it could eventually exhaust available resources, affecting the reliability of the system.