In the Linux kernel, the following vulnerability has been resolved:
schedext: Remove redundant cssput() in scxcgroupinit()
The iterator cssforeachdescendantpre() walks the cgroup hierarchy under cgroup_lock(). It does not increment the reference counts on yielded css structs.
According to the cgroup documentation, cssput() should only be used to release a reference obtained via cssget() or csstrygetonline(). Since the iterator does not use either of these to acquire a reference, calling cssput() in the error path of scxcgroup_init() causes a refcount underflow.
Remove the unbalanced css_put() to prevent a potential Use-After-Free (UAF) vulnerability.
{
"cna_assigner": "Linux",
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/43xxx/CVE-2026-43438.json"
}