CVE-2026-43461
HIGH EPSS 2.1%
Published May 8, 20261mo ago · Modified Jun 17, 20261w ago
7.8 CVSS 3.1
Published May 8, 2026 1mo ago
Last Modified Jun 17, 2026 1w ago
Description
In the Linux kernel, the following vulnerability has been resolved: spi: amlogic: spifc-a4: Fix DMA mapping error handling Fix three bugs in aml_sfc_dma_buffer_setup() error paths: 1. Unnecessary goto: When the first DMA mapping (sfc->daddr) fails, nothing needs cleanup. Use direct return instead of goto. 2. Double-unmap bug: When info DMA mapping failed, the code would unmap sfc->daddr inline, then fall through to out_map_data which would unmap it again, causing a double-unmap. 3. Wrong unmap size: The out_map_info label used datalen instead of infolen when unmapping sfc->iaddr, which could lead to incorrect DMA sync behavior.
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High
Threat Intelligence
EPSS Exploit Probability
2.1% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Affected Products 5
References 3
- git.kernel.org https://git.kernel.org/stable/c/0a83d6c9e149a176340190fa9cbadf2266db4c9a
- git.kernel.org https://git.kernel.org/stable/c/b20b437666e1cb26a7c499d1664e8f2a0ac67000
- git.kernel.org https://git.kernel.org/stable/c/c0b88f1176074f80140ed77fce909f254b7180ab
Remediation
- git.kernel.org https://git.kernel.org/stable/c/0a83d6c9e149a176340190fa9cbadf2266db4c9a
- git.kernel.org https://git.kernel.org/stable/c/b20b437666e1cb26a7c499d1664e8f2a0ac67000
- git.kernel.org https://git.kernel.org/stable/c/c0b88f1176074f80140ed77fce909f254b7180ab