In the Linux kernel, the following vulnerability has been resolved:
media: chips-media: wave5: Fix PM runtime usage count underflow
Replace pmruntimeputsync() with pmruntimedontuseautosuspend() in the remove path to properly pair with pmruntimeuseautosuspend() from probe. This allows pmruntimedisable() to handle reference count cleanup correctly regardless of current suspend state.
The driver calls pmruntimeputsync() unconditionally in remove, but the device may already be suspended due to autosuspend configured in probe. When autosuspend has already suspended the device, the usage count is 0, and pmruntimeputsync() decrements it to -1.
This causes the following warning on module unload:
------------[ cut here ]------------ WARNING: CPU: 1 PID: 963 at kernel/kthread.c:1430 kthreaddestroyworker+0x84/0x98 ... vdec 30210000.video-codec: Runtime PM usage count underflow!
{
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/43xxx/CVE-2026-43301.json",
"cna_assigner": "Linux"
}