Home

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Fix potential kernel oops when probe fails When probe of the sdio brcmfmac device fails for some reasons (i.e. missing firmware), the sdiodev->bus is set to error instead of NULL, thus the cleanup later in brcmf_sdio_remove() tries to free resources via invalid bus pointer. This happens because sdiodev->bus is set 2 times: first in brcmf_sdio_probe() and second time in brcmf_sdiod_probe(). Fix this by chaning the brcmf_sdio_probe() function to return the error code and set sdio->bus only there.

PUBLISHED Reserved 2026-05-01 | Published 2026-05-06 | Updated 2026-05-06 | Assigner Linux

Product status

Default status
unaffected

0ff0843310b74e565901d85f849fb308c3b1f220 (git) before 64ccb0aac41c5055780c2a58bbe2c1b362ceccde
affected

0ff0843310b74e565901d85f849fb308c3b1f220 (git) before 379aac7ee8240848aa35f605b06addb4617c863e
affected

0ff0843310b74e565901d85f849fb308c3b1f220 (git) before 243307a0d1b0d01538e202c00454c28b21d4432e
affected

Default status
affected

6.13
affected

Any version before 6.13
unaffected

6.18.16 (semver)
unaffected

6.19.6 (semver)
unaffected

7.0 (original_commit_for_fix)
unaffected

References

git.kernel.org/...c/64ccb0aac41c5055780c2a58bbe2c1b362ceccde

git.kernel.org/...c/379aac7ee8240848aa35f605b06addb4617c863e

git.kernel.org/...c/243307a0d1b0d01538e202c00454c28b21d4432e

cve.org (CVE-2026-43144)

nvd.nist.gov (CVE-2026-43144)

Download JSON