Improper Check or Handling of Exceptional Conditions in Linux kernel - CVE-2026-43357
Published: May 9, 2026
Vulnerability identifier: #VU130826
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2026-43357
CWE-ID: CWE-703
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Linux Foundation
Affected software:
Linux kernel
Linux kernel
Detailed vulnerability description
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to improper error handling in the mpu3050 gyroscope driver power management logic when resuming the device for preenable operations. A local user can trigger the vulnerable code path to cause a denial of service.
The issue occurs because the driver may access hardware that failed to resume, and the device usage count may be incremented even on failure.
How to mitigate CVE-2026-43357
Install security update from vendor's repository.
Sources
- https://git.kernel.org/stable/c/2a86a396aa001a9f9ba2d37dda36573a76f17c90
- https://git.kernel.org/stable/c/35f54e7bcb1eccdc6e5bff06580eeef2e0ff3677
- https://git.kernel.org/stable/c/42685cf96e28262e0b84d74447f3d99f3f6a72e0
- https://git.kernel.org/stable/c/66c0d1d600e7be034959cf49edab104cb5a39258
- https://git.kernel.org/stable/c/7a3dec5b265cf87678b10c98a72a435a8e769bb7
- https://git.kernel.org/stable/c/8544c488e50206f00630a8bbba43d2c8bd290345
- https://git.kernel.org/stable/c/935f57dd43492240e1ca220dd065d624efece6be
- https://git.kernel.org/stable/c/acc3949aab3e8094641a9c7c2768de1958c88378