CVE-2026-43372

EUVD-2026-28678
In the Linux kernel, the following vulnerability has been resolved:

net: dsa: microchip: Fix error path in PTP IRQ setup

If request_threaded_irq() fails during the PTP message IRQ setup, the
newly created IRQ mapping is never disposed. Indeed, the
ksz_ptp_irq_setup()'s error path only frees the mappings that were
successfully set up.

Dispose the newly created mapping if the associated
request_threaded_irq() fails at setup.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 2%
Affected Products (NVD)
VendorProductVersion
linuxlinux_kernel
6.6.119 ≤
𝑥
< 6.6.130
linuxlinux_kernel
6.12.61 ≤
𝑥
< 6.12.78
linuxlinux_kernel
6.17.11 ≤
𝑥
< 6.18
linuxlinux_kernel
6.18.1 ≤
𝑥
< 6.18.19
linuxlinux_kernel
6.19 ≤
𝑥
< 6.19.9
linuxlinux_kernel
6.18
linuxlinux_kernel
7.0:rc1
linuxlinux_kernel
7.0:rc2
linuxlinux_kernel
7.0:rc3
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
linux
bookworm
6.1.170-3
fixed
bookworm (security)
6.1.174-1
fixed
bullseye
5.10.223-1
fixed
bullseye (security)
5.10.257-1
fixed
forky
7.0.12-2
fixed
sid
7.0.13-1
fixed
trixie
6.12.86-1
fixed
trixie (security)
6.12.94-1
fixed
Vulnerability Media Exposure
References
https://git.kernel.org/stable/c/3704ac6a0d9a78f66a187515a8ca3faedaf01cc5
https://git.kernel.org/stable/c/6c58a9fdb0d0e1011aa02455d26d6ebea251979b
https://git.kernel.org/stable/c/99c8c16a4aad0b37293cae213e15957c573cf79b
https://git.kernel.org/stable/c/c2d1d41e0e8ec447d40a5752844fc5fb0b23db27
https://git.kernel.org/stable/c/e80fef36c676c947072dabeb5803ae59d92ba493