CVE-2026-43355
BH1780 IIO Light Sensor PM Runtime Leak Fix
Publication date: 2026-05-08
Last updated on: 2026-05-08
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is related to the Linux kernel's iio light sensor driver for the bh1780 device. It involves a power management runtime (PM runtime) reference count leak on an error path. Specifically, the function pm_runtime_put_autosuspend() was not called before an error check, which could cause the PM runtime reference count to not be decremented properly after pm_runtime_get_sync() is called. This means that even if a read operation fails, the reference count might remain incremented, leading to a resource leak.
How can this vulnerability impact me? :
The impact of this vulnerability is a power management runtime reference count leak in the Linux kernel's light sensor driver. This leak can cause the system to hold on to power management resources longer than necessary, potentially leading to increased power consumption or reduced battery life on affected devices. It may also affect system stability if resource leaks accumulate over time.