CVE-2026-43097

Source
https://cve.org/CVERecord?id=CVE-2026-43097
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-43097.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-43097
Downstream
Published
2026-05-06T07:40:28.157Z
Modified
2026-07-08T08:02:14.811822335Z
Summary
PCI: hv: Fix double ida_free in hv_pci_probe error path
Details

In the Linux kernel, the following vulnerability has been resolved:

PCI: hv: Fix double idafree in hvpci_probe error path

If hvpciprobe() fails after storing the domain number in hbus->bridge->domainnr, there is a call to free this domainnr via pcibusreleaseemuldomainnr(), however, during cleanup, the bridge release callback pcireleasehostbridgedev() also frees the domainnr causing ida_free to be called on same ID twice and triggering following warning:

idafree called for id=28971 which is not allocated. WARNING: lib/idr.c:594 at idafree+0xdf/0x160, CPU#0: kworker/0:2/198 Call Trace: pcibusreleaseemuldomainnr+0x17/0x20 pcireleasehostbridgedev+0x4b/0x60 devicerelease+0x3b/0xa0 kobjectput+0x8e/0x220 devmpciallochostbridgerelease+0xe/0x20 devresreleaseall+0x9a/0xd0 deviceunbindcleanup+0x12/0xa0 reallyprobe+0x1c5/0x3f0 vmbusaddchannelwork+0x135/0x1a0

Fix this by letting pci core handle the free domain_nr and remove the explicit free called in pci-hyperv driver.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/43xxx/CVE-2026-43097.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
bcce8c74f1ce1e2731ac0261287897e3768767d8
Fixed
21bc8e0ba5c2a081b0a2808c976d4c9dbddf1e48
Fixed
b6422dff0e518245019233432b6bccfc30b73e2f

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-43097.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.19.0
Fixed
6.19.14

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-43097.json"