GHSA-gh6m-4cqq-86hr

GHSA-gh6m-4cqq-86hr PUBLISHED CVSS 5.5 MEDIUM

In the Linux kernel, the following vulnerability has been resolved: ACPI: processor: Fix previous acpi_processor_errata_piix4() fix After commi f132e089fe89 ("ACPI: processor: Fix NULL-pointer dereference in acpi_processor_errata_piix4()"), device pointers may be dereferenced after dropping references to the device objects pointed to by them, which may cause a use-after-free to occur. Moreover, debug messages about enabling the errata may be printed if the errata flags corresponding to them are unset. Address all of these issues by moving message printing to the points in the code where the errata flags are set.

Risk Scores

CVSS 3.1

5.5

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploit Intelligence

4593.2.0.yml (github-poc)
4628.1.0.yml (github-poc)

Timeline

Apr 3, 2026 CVE Published
Apr 10, 2026 Security Advisory
Apr 23, 2026 CVE Updated

References

https://nvd.nist.gov/vuln/detail/CVE-2026-23443 advisory
https://git.kernel.org/stable/c/2e369ba9eb7b8a06e9cc35a3e7fe73e59272f8c2 url
https://git.kernel.org/stable/c/68408e8f9e366ad9850a66ac65cb569f13bf6cd4 url
https://git.kernel.org/stable/c/8583f62259e1b315d5239371adfb36939cdab741 url
https://git.kernel.org/stable/c/98473309a36acc271009b85e0bb53a4c0dddf5c2 url
https://git.kernel.org/stable/c/bf504b229cb8d534eccbaeaa23eba34c05131e25 url
https://git.kernel.org/stable/c/e0c470049344e9346fff79d7e2362212c216665e url
https://git.kernel.org/stable/c/edf4c2aaee08e8fd503fbae705c801e92a0b55d7 url

Open in Interactive Console →