HIGH

CVE-2026-43015

Published: May 1, 2026 · Updated: May 7, 2026

CVSS v3.1: 7.8
EPSS: 0.02% probability of exploitation in 30 days (percentile: 6.8th)

Official Description

In the Linux kernel, the following vulnerability has been resolved:

net: macb: fix clk handling on PCI glue driver removal

platform_device_unregister() may still want to use the registered clks
during runtime resume callback.

Note that there is a commit d82d5303c4c5 ("net: macb: fix use after free
on rmmod") that addressed the similar problem of clk vs platform device
unregistration but just moved the bug to another place.

Save the pointers to clks into local variables for reuse after platform
device is unregistered.

BUG: KASAN: use-after-free in clk_prepare+0x5a/0x60
Read of size 8 at addr ffff888104f85e00 by task modprobe/597

CPU: 2 PID: 597 Comm: modprobe Not tainted 6.1.164+ #114
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.1-0-g3208b098f51a-prebuilt.qemu.org 04/01/2014
Call Trace:
 <TASK>
 dump_stack_lvl+0x8d/0xba
 print_report+0x17f/0x496
 kasan_report+0xd9/0x180
 clk_prepare+0x5a/0x60
 macb_runtime_resume+0x13d/0x410 [macb]
 pm_generic_runtime_resume+0x97/0xd0
 __rpm_callback+0xc8/0x4d0
 rpm_callback+0xf6/0x230
 rpm_resume+0xeeb/0x1a70
 __pm_runtime_resume+0xb4/0x170
 bus_remove_device+0x2e3/0x4b0
 device_del+0x5b3/0xdc0
 platform_device_del+0x4e/0x280
 platform_device_unregister+0x11/0x50
 pci_device_remove+0xae/0x210
 device_remove+0xcb/0x180
 device_release_driver_internal+0x529/0x770
 driver_detach+0xd4/0x1a0
 bus_remove_driver+0x135/0x260
 driver_unregister+0x72/0xb0
 pci_unregister_driver+0x26/0x220
 __do_sys_delete_module+0x32e/0x550
 do_syscall_64+0x35/0x80
 entry_SYSCALL_64_after_hwframe+0x6e/0xd8
 </TASK>

Allocated by task 519:
 kasan_save_stack+0x2c/0x50
 kasan_set_track+0x21/0x30
 __kasan_kmalloc+0x8e/0x90
 __clk_register+0x458/0x2890
 clk_hw_register+0x1a/0x60
 __clk_hw_register_fixed_rate+0x255/0x410
 clk_register_fixed_rate+0x3c/0xa0
 macb_probe+0x1d8/0x42e [macb_pci]
 local_pci_probe+0xd7/0x190
 pci_device_probe+0x252/0x600
 really_probe+0x255/0x7f0
 __driver_probe_device+0x1ee/0x330
 driver_probe_device+0x4c/0x1f0
 __driver_attach+0x1df/0x4e0
 bus_for_each_dev+0x15d/0x1f0
 bus_add_driver+0x486/0x5e0
 driver_register+0x23a/0x3d0
 do_one_initcall+0xfd/0x4d0
 do_init_module+0x18b/0x5a0
 load_module+0x5663/0x7950
 __do_sys_finit_module+0x101/0x180
 do_syscall_64+0x35/0x80
 entry_SYSCALL_64_after_hwframe+0x6e/0xd8

Freed by task 597:
 kasan_save_stack+0x2c/0x50
 kasan_set_track+0x21/0x30
 kasan_save_free_info+0x2a/0x50
 __kasan_slab_free+0x106/0x180
 __kmem_cache_free+0xbc/0x320
 clk_unregister+0x6de/0x8d0
 macb_remove+0x73/0xc0 [macb_pci]
 pci_device_remove+0xae/0x210
 device_remove+0xcb/0x180
 device_release_driver_internal+0x529/0x770
 driver_detach+0xd4/0x1a0
 bus_remove_driver+0x135/0x260
 driver_unregister+0x72/0xb0
 pci_unregister_driver+0x26/0x220
 __do_sys_delete_module+0x32e/0x550
 do_syscall_64+0x35/0x80
 entry_SYSCALL_64_after_hwframe+0x6e/0xd8

NVD Source
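
The ordering problem described in the commit message above, as an added example that is not the kernel's code or the actual patch: a user-space C model that counts the accesses a sanitizer would flag for three removal orderings. All `*_model` names are hypothetical, and the release of the platform data during unregistration is an assumption drawn from the fix's need to save the pointers first.

```c
/* User-space model of the removal ordering; constructed, not kernel code. */
#include <stdbool.h>
#include <stdio.h>

struct clk_model   { bool registered; };
struct pdata_model { struct clk_model *clks[2]; bool freed; };
static int stale;   /* accesses a sanitizer such as KASAN would flag */

static void clk_unregister_model(struct clk_model *c) { c->registered = false; }

/* Models platform_device_unregister(): the runtime resume callback prepares
 * the clks, then the platform data is released (assumption). */
static void pdev_unregister_model(struct pdata_model *pd)
{
    for (int i = 0; i < 2; i++)
        stale += !pd->clks[i]->registered;  /* clk_prepare() on a freed clk */
    pd->freed = true;
}

/* Read a clk pointer out of the platform data, counting stale reads. */
static struct clk_model *pdata_clk(struct pdata_model *pd, int i)
{
    stale += pd->freed;                     /* read of released platform data */
    return pd->clks[i];
}

enum ordering { CLKS_FIRST, DEVICE_FIRST, SAVED_POINTERS };

/* Run one removal ordering on a fresh fixture; return the stale accesses. */
static int run_remove(enum ordering o)
{
    struct clk_model a = { true }, b = { true };
    struct pdata_model pd = { { &a, &b }, false };
    struct clk_model *saved[2] = { pdata_clk(&pd, 0), pdata_clk(&pd, 1) };
    stale = 0;
    if (o == CLKS_FIRST) {                  /* the ordering in the KASAN report */
        clk_unregister_model(saved[0]);
        clk_unregister_model(saved[1]);
        pdev_unregister_model(&pd);
    } else {
        pdev_unregister_model(&pd);
        for (int i = 0; i < 2; i++)         /* saved locals vs. re-reading pd */
            clk_unregister_model(o == SAVED_POINTERS ? saved[i] : pdata_clk(&pd, i));
    }
    return stale;
}

int main(void)
{
    printf("%d %d %d\n", run_remove(CLKS_FIRST), run_remove(DEVICE_FIRST), run_remove(SAVED_POINTERS));
    return 0;
}
```

Only the ordering that saves the pointers before unregistering the platform device and unregisters the clks afterwards reports zero stale accesses.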

Technical Analysis

CVE-2026-43015 requires local access, meaning attackers must already have a foothold on the target system.

Exploitation requires low privileges, which limits the exposure to scenarios where an attacker has already gained initial access.

A successful exploit results in a complete confidentiality breach (data exposure), full integrity compromise (data manipulation), and availability disruption (denial of service). The CVSS base score is 7.8.

CVSS v3.1 Vector Breakdown

Exploitability
  Attack Vector: Local
  Attack Complexity: Low
  Privileges Req.: Low
  User Interaction: None
  Scope: Unchanged
Impact
  Confidentiality: High
  Integrity: High
  Availability: High
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Vendors & Products

Linux (1 product): linux kernel
Source: NVD CPE · 3 total CPE entries

Exploit & PoC Resources

NO KNOWN EXPLOIT: No public exploit confirmed at this time

Quick Facts

CVE ID: CVE-2026-43015
CVSS Score: 7.8 / 10
Severity: HIGH
CISA KEV: No
EPSS (30d): 0.02%
Affected: 1 vendor
Published: May 1, 2026

Recommended Actions

  • Apply vendor patches immediately
  • Monitor CVE-2026-43015 in threat intel feeds
  • Review IDS/IPS signatures for exploitation attempts
Data sourced from NVD (NIST), CISA KEV, and EPSS (FIRST). Analysis generated by CTIWATCH.COM. CVE data is provided under the NVD usage policy.