CVE-2026-23443

{"id": "CVE-2026-23443", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2026-04-03T16:16:28.573", "references": [{"url": "https://git.kernel.org/stable/c/2e369ba9eb7b8a06e9cc35a3e7fe73e59272f8c2", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/68408e8f9e366ad9850a66ac65cb569f13bf6cd4", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/8583f62259e1b315d5239371adfb36939cdab741", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/98473309a36acc271009b85e0bb53a4c0dddf5c2", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/bf504b229cb8d534eccbaeaa23eba34c05131e25", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/e0c470049344e9346fff79d7e2362212c216665e", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/edf4c2aaee08e8fd503fbae705c801e92a0b55d7", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-476"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nACPI: processor: Fix previous acpi_processor_errata_piix4() fix\n\nAfter commi f132e089fe89 (\"ACPI: processor: Fix NULL-pointer dereference\nin acpi_processor_errata_piix4()\"), device pointers may be dereferenced\nafter dropping references to the device objects pointed to by them,\nwhich may cause a use-after-free to occur.\n\nMoreover, debug messages about enabling the errata may be printed\nif the errata flags corresponding to them are unset.\n\nAddress all of these issues by moving message printing to the points\nin the code where the errata flags are set."}], "lastModified": "2026-04-23T20:58:48.307", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D54E2FD5-7EF9-426A-9AE1-8E8DA970BCC8", "versionEndExcluding": "6.1.167", "versionStartIncluding": "6.1.165"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2099D3D0-97C6-44C5-913D-E616B07A9237", "versionEndExcluding": "6.6.130", "versionStartIncluding": "6.6.128"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DAB9F88E-FB55-4FDB-966E-E7FC262B2038", "versionEndExcluding": "6.12.78", "versionStartIncluding": "6.12.75"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "234D2F07-A17A-49BE-8B89-9C6756315A38", "versionEndExcluding": "6.18.20", "versionStartIncluding": "6.18.16"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "20A592B7-9A05-4B02-A583-F1B95CD93223", "versionEndExcluding": "6.19.10", "versionStartIncluding": "6.19.6"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.15.202:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "822A7BB5-FF38-425A-B8A8-9F102CF92C36"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}