In the Linux kernel, the following vulnerability has been resolved:
gpio: sysfs: fix chip removal with GPIOs exported over sysfs
Currently if we export a GPIO over sysfs and unbind the parent GPIO controller, the exported attribute will remain under /sys/class/gpio because once we remove the parent device, we can no longer associate the descriptor with it in gpiod_unexport() and never drop the final reference.
Rework the teardown code: provide an unlocked variant of gpiodunexport() and remove all exported GPIOs with the sysfslock taken before unregistering the parent device itself. This is done to prevent any new exports happening before we unregister the device completely.
{
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/43xxx/CVE-2026-43181.json",
"cna_assigner": "Linux"
}