CVE-2026-43004

Source
https://cve.org/CVERecord?id=CVE-2026-43004
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-43004.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-43004
Downstream
Published
2026-05-01T14:15:12.032Z
Modified
2026-07-08T08:13:27.073103134Z
Summary
spi: stm32-ospi: Fix resource leak in remove() callback
Details

In the Linux kernel, the following vulnerability has been resolved:

spi: stm32-ospi: Fix resource leak in remove() callback

The remove() callback returned early if pmruntimeresumeandget() failed, skipping the cleanup of spi controller and other resources.

Remove the early return so cleanup completes regardless of PM resume result.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/43xxx/CVE-2026-43004.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
79b8a705e26c08f8f09dd55f1dd56f2375973d2d
Fixed
b4ec54c974c6ea68b309989dcc3d3511068f45f3
Fixed
0807532c5ebb72751bfe773e6ae79db0e9c57ab9
Fixed
73cd1f97946ae3796544448ff12c07f399bb2881

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-43004.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.15.0
Fixed
6.18.22
Type
ECOSYSTEM
Events
Introduced
6.19.0
Fixed
6.19.12

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-43004.json"