In the Linux kernel, the following vulnerability has been resolved:
dm mpath: Add missing dmputdevice when failing to get scsi dh name
When commit fd81bc5cca8f ("scsi: devicehandler: Return error pointer in scsidhattachedhandlername()") added code to fail parsing the path if scsidhattachedhandlername() failed with -ENOMEM, it didn't clean up the reference to the path device that had just been taken. Fix this, and steamline the error paths of parsepath() a little.
{
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/43xxx/CVE-2026-43192.json",
"cna_assigner": "Linux"
}