VDB
DEBIAN-CVE-2026-43473
DEBIAN-CVE-2026-43473
PUBLISHED
CVSS 9.300000190734863 CRITICAL
In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Add NULL checks when resetting request and reply queues The driver encountered a crash during resource cleanup when the reply and request queues were NULL due to freed memory. This issue occurred when the creation of reply or request queues failed, and the driver freed the memory first, but attempted to mem set the content of the freed memory, leading to a system crash. Add NULL pointer checks for reply and request queues before accessing the reply/request memory during cleanup
Risk Scores
CVSS v4.0
9.300000190734863
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:13 | linux | 6.12.85-1, 6.12.74-2, 6.12.74-2 |
| Debian:14 | linux | 6.12.85-1, 6.12.86-1, 6.13.10-1 |
| Debian:12 | linux | 6.1.153-1, 6.1.158-1, 6.1.159-1 |
Timeline
- May 8, 2026 CVE Published
- May 9, 2026 CVE Updated