SB2026050248 - Improper resource shutdown or release in Linux kernel ethernet cadence driver
Published: May 2, 2026
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 vulnerability.
1) Improper resource shutdown or release (CVE-ID: CVE-2026-43014)
CWE-ID: CWE-404 - Improper Resource Shutdown or Release
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to improper resource shutdown or release in the macb network driver clock registration handling when unregistering fixed rate clocks. A local user can trigger the affected code path to cause a denial of service.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/015aa24d3721a05b40935b8af78b49cadf616b8d
- https://git.kernel.org/stable/c/5392a5174df4f5a2fad2f00e8c617394d0efe031
- https://git.kernel.org/stable/c/54c6f0e7682433abed0304ac2f5cb71a92d4b366
- https://git.kernel.org/stable/c/6ec567425c057fd850651ee09b31d059ef960e0f
- https://git.kernel.org/stable/c/e1f6f47d6e60d51c3294e5b85787e9aee24c450e
- https://git.kernel.org/stable/c/e35dbfdb1b7710f04ff5c9972ea04971d823a22d
- https://git.kernel.org/stable/c/ec1be2ce0d94506f11b22066fd6dc5eb4341b14f
- https://git.kernel.org/stable/c/f0f367a4f459cc8118aadc43c6bba53c60d93f8d