CVE-2026-43259
Awaiting Analysis Awaiting Analysis - Queue
USB Driver Data Missing in Linux Kernel

Publication date: 2026-05-06

Last updated on: 2026-05-06

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: phy: fsl-imx8mq-usb: set platform driver data Add missing platform_set_drvdata() as the data will be used in remove().
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-06
Last Modified
2026-05-06
Generated
2026-05-07
AI Q&A
2026-05-06
EPSS Evaluated
N/A
NVD
CVE-2026-43259
EUVD
EUVD-2026-27821
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
fsl imx8mq_usb *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability involves the Linux kernel's phy driver for the fsl-imx8mq-usb platform. The issue was that the platform driver data was not properly set using platform_set_drvdata(), which is necessary because this data is used later in the remove() function. Without setting this data, the remove() function may not operate correctly, potentially leading to improper cleanup or other unintended behavior.


How can this vulnerability impact me? :

If the platform driver data is not set correctly, the remove() function may fail to access necessary data during device removal. This can lead to improper resource cleanup, which might cause system instability, memory leaks, or other unexpected behavior in systems using the affected driver.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart