CVE-2026-43313
Received Received - Intake
NULL-pointer Dereference in Linux Kernel ACPI Processor

Publication date: 2026-05-08

Last updated on: 2026-05-08

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: ACPI: processor: Fix NULL-pointer dereference in acpi_processor_errata_piix4() In acpi_processor_errata_piix4(), the pointer dev is first assigned an IDE device and then reassigned an ISA device: dev = pci_get_subsys(..., PCI_DEVICE_ID_INTEL_82371AB, ...); dev = pci_get_subsys(..., PCI_DEVICE_ID_INTEL_82371AB_0, ...); If the first lookup succeeds but the second fails, dev becomes NULL. This leads to a potential null-pointer dereference when dev_dbg() is called: if (errata.piix4.bmisx) dev_dbg(&dev->dev, ...); To prevent this, use two temporary pointers and retrieve each device independently, avoiding overwriting dev with a possible NULL value. [ rjw: Subject adjustment, added an empty code line ]
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-08
Last Modified
2026-05-08
Generated
2026-06-19
AI Q&A
2026-05-08
EPSS Evaluated
2026-06-18
NVD
CVE-2026-43313
EUVD
EUVD-2026-28583
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
linux linux_kernel *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in the Linux kernel's ACPI processor code, specifically in the function acpi_processor_errata_piix4().

Within this function, a pointer named dev is first assigned to an IDE device and then reassigned to an ISA device. If the first assignment succeeds but the second fails, dev becomes NULL.

Later, the code attempts to use dev without checking if it is NULL, leading to a potential NULL-pointer dereference when dev_dbg() is called.

The fix involves using two temporary pointers to retrieve each device independently, preventing dev from being overwritten with a NULL value.

Impact Analysis

A NULL-pointer dereference in kernel code can cause the affected system to crash or become unstable, potentially leading to a denial of service.

Since this occurs in the Linux kernel's ACPI processor handling, it could impact system reliability and availability.

Mitigation Strategies

The vulnerability is resolved by fixing the null-pointer dereference in the Linux kernel's ACPI processor code. To mitigate this vulnerability immediately, you should update your Linux kernel to a version that includes the fix for CVE-2026-43313.

This fix involves changing the code to use two temporary pointers to retrieve each device independently, avoiding overwriting a device pointer with a NULL value.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-43313. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart