Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Add NULL checks when resetting request and reply queues The driver encountered a crash during resource cleanup when the reply and request queues were NULL due to freed memory. This issue occurred when the creation of reply or request queues failed, and the driver freed the memory first, but attempted to mem set the content of the freed memory, leading to a system crash. Add NULL pointer checks for reply and request queues before accessing the reply/request memory during cleanup
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 5.17, < 6.1.167 |
Related Weaknesses (CWE)
References
- https://git.kernel.org/stable/c/220d7ca70611a73d50ef8e9edac630ed1ececb7cPatch
- https://git.kernel.org/stable/c/78d3f201f8b609928eade53cf03a52df5415aaf7Patch
- https://git.kernel.org/stable/c/7da755e0d02e9ca035065127e108d1fed8950dc8Patch
- https://git.kernel.org/stable/c/7df0296ad4e9253d12c6dbe7f120044dddc95600Patch
- https://git.kernel.org/stable/c/e978a36f332ede78eb4de037b517db16265d420dPatch
- https://git.kernel.org/stable/c/fa96392ebebc8fade2b878acb14cce0f71016503Patch
FAQ
What is CVE-2026-43473?
CVE-2026-43473 is a vulnerability with a CVSS score of 5.5 (MEDIUM). In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Add NULL checks when resetting request and reply queues The driver encountered a crash during resource cleanup when ...
How severe is CVE-2026-43473?
CVE-2026-43473 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2026-43473?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.