CVE-2026-43211

HIGH · CVSS 3.1: 7.8 · EPSS 1.4%
Published May 6, 2026 · Last Modified Jun 17, 2026

Description

In the Linux kernel, the following vulnerability has been resolved:

PCI: Fix pci_slot_trylock() error handling

Commit a4e772898f8b ("PCI: Add missing bridge lock to pci_bus_lock()") delegates the bridge device's pci_dev_trylock() to pci_bus_trylock() in pci_slot_trylock(), but it forgets to remove the corresponding pci_dev_unlock() when pci_bus_trylock() fails.

Before a4e772898f8b, the code did:

    if (!pci_dev_trylock(dev)) /* <- lock bridge device */
        goto unlock;
    if (dev->subordinate) {
        if (!pci_bus_trylock(dev->subordinate)) {
            pci_dev_unlock(dev); /* <- unlock bridge device */
            goto unlock;
        }
    }

After a4e772898f8b the bridge-device lock is no longer taken, but the pci_dev_unlock(dev) on the failure path was left in place, leading to the bug.

This yields one of two errors:

  1. A warning that the lock is being unlocked when no one holds it.
  2. An incorrect unlock of a lock that belongs to another thread.

Fix it by removing the now-redundant pci_dev_unlock(dev) on the failure path.

[Same patch later posted by Keith at https://patch.msgid.link/20260116184150.3013258-1-kbusch@meta.com]
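The failure path described above, as an added user-space model (not kernel code and not part of the original advisory). The names model_dev, model_bus_trylock and model_slot_trylock are hypothetical, and an error-checking pthread mutex stands in for the bridge device lock so that an unlock by a non-holder is reported as EPERM:

```c
#define _XOPEN_SOURCE 700 /* expose PTHREAD_MUTEX_ERRORCHECK under strict -std */
#include <errno.h>
#include <pthread.h>
#include <stdio.h>

/* Constructed model: hypothetical stand-in for the bridge's struct pci_dev. */
struct model_dev { pthread_mutex_t lock; };

static void model_dev_init(struct model_dev *d)
{
    pthread_mutexattr_t attr;
    pthread_mutexattr_init(&attr);
    /* ERRORCHECK makes an unlock by a non-holder return EPERM. */
    pthread_mutexattr_settype(&attr, PTHREAD_MUTEX_ERRORCHECK);
    pthread_mutex_init(&d->lock, &attr);
    pthread_mutexattr_destroy(&attr);
}

/* Models pci_bus_trylock() with the bridge lock delegated to it: it takes the
 * bridge lock itself and, if the bus below is busy, drops it before failing. */
static int model_bus_trylock(struct model_dev *bridge, int bus_busy)
{
    if (pthread_mutex_trylock(&bridge->lock) != 0)
        return 0;
    if (bus_busy) {
        pthread_mutex_unlock(&bridge->lock);
        return 0;
    }
    return 1;
}

/* Models pci_slot_trylock(); returns 1 if it unlocked a lock it did not hold.
 * stale_unlock=1 keeps the leftover pci_dev_unlock(), stale_unlock=0 is the fix. */
static int model_slot_trylock(struct model_dev *bridge, int bus_busy, int stale_unlock)
{
    if (model_bus_trylock(bridge, bus_busy)) {
        pthread_mutex_unlock(&bridge->lock); /* success: release for the next run */
        return 0;
    }
    return stale_unlock && pthread_mutex_unlock(&bridge->lock) == EPERM; /* lock not held here */
}

int main(void)
{
    struct model_dev b;
    model_dev_init(&b);
    printf("buggy=%d fixed=%d\n", model_slot_trylock(&b, 1, 1), model_slot_trylock(&b, 1, 0));
    return 0;
}
```

The model reproduces the first error the description lists; the second arises from the same stale unlock when another thread holds the bridge lock at that moment.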

CVSS Details

Base Score: 7.8
Exploitability: 1.8
Impact: 5.9
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Threat Intelligence

EPSS Exploit Probability
1.4% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-667

Affected Products 9

Vendor  Product       Version  Range
linux   linux_kernel  *        ≥4.19.322 – <4.20
linux   linux_kernel  *        ≥5.4.284 – <5.5
linux   linux_kernel  *        ≥5.10.226 – <5.10.252
linux   linux_kernel  *        ≥5.15.167 – <5.15.202
linux   linux_kernel  *        ≥6.1.110 – <6.1.165
linux   linux_kernel  *        ≥6.6.51 – <6.6.128
linux   linux_kernel  *        ≥6.10.10 – <6.12.75
linux   linux_kernel  *        ≥6.13 – <6.18.16
linux   linux_kernel  *        ≥6.19 – <6.19.6

References 8

  • git.kernel.org https://git.kernel.org/stable/c/0425aaf20b407d2f2cf3bf469808e4a35f9abb8b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/8b08ea9690b212b7bf7f12414039259cf34b1aa0
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/9368d1ee62829b08aa31836b3ca003803caf0b72
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/943ed56606a7ab2fe5a99cad572dd17d484310c7
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a19b61fdb958ffadbba85b43c991eb9fc70c1c1c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/bd435f4b738130d732ef64e0e57e45185f77165d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ebb27b7399ab8b9eb1f792b329aa5f6250c590d4
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/fbe06a3058114bf95a17a4941b205f4b321c6f0a
    Patch

Remediation

  • The git.kernel.org stable patches listed under References above.