CVE-2026-43473 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved:

scsi: mpi3mr: Add NULL checks when resetting request and reply queues

The driver encountered a crash during resource cleanup when the reply and
request queues were NULL due to freed memory. This issue occurred when the
creation of reply or request queues failed, and the driver freed the memory
first, but attempted to mem set the content of the freed memory, leading to
a system crash.

Add NULL pointer checks for reply and request queues before accessing the
reply/request memory during cleanup

No CVSS v4.0

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00024.

Key SSVC decision points have not yet been added.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Linux

unaffected

Version	Status	Constraints
`fe6db615156573d3f6a37564b8a590cb03bbaf25`	affected	< 7df0296ad4e9253d12c6dbe7f120044dddc95600
`fe6db615156573d3f6a37564b8a590cb03bbaf25`	affected	< 7da755e0d02e9ca035065127e108d1fed8950dc8
`fe6db615156573d3f6a37564b8a590cb03bbaf25`	affected	< 78d3f201f8b609928eade53cf03a52df5415aaf7
`fe6db615156573d3f6a37564b8a590cb03bbaf25`	affected	< e978a36f332ede78eb4de037b517db16265d420d
`fe6db615156573d3f6a37564b8a590cb03bbaf25`	affected	< 220d7ca70611a73d50ef8e9edac630ed1ececb7c
`fe6db615156573d3f6a37564b8a590cb03bbaf25`	affected	< fa96392ebebc8fade2b878acb14cce0f71016503

Linux

affected

Version	Status	Constraints
`5.17`	affected	—
`0`	unaffected	< 5.17
`6.1.167`	unaffected	≤ 6.1.*
`6.6.130`	unaffected	≤ 6.6.*
`6.12.78`	unaffected	≤ 6.12.*
`6.18.19`	unaffected	≤ 6.18.*
`6.19.9`	unaffected	≤ 6.19.*
`7.0`	unaffected	≤ *

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

Vendors	Products
Linux Subscribe	Linux Kernel Subscribe

Project Subscriptions

Vendors	Products
Linux Subscribe	Linux Kernel Subscribe

Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://git.kernel.org/stable/c/220d7ca70611a73d50ef8e9edac630ed1ececb7c
https://git.kernel.org/stable/c/78d3f201f8b609928eade53cf03a52df5415aaf7
https://git.kernel.org/stable/c/7da755e0d02e9ca035065127e108d1fed8950dc8
https://git.kernel.org/stable/c/7df0296ad4e9253d12c6dbe7f120044dddc95600
https://git.kernel.org/stable/c/e978a36f332ede78eb4de037b517db16265d420d
https://git.kernel.org/stable/c/fa96392ebebc8fade2b878acb14cce0f71016503
https://lore.kernel.org/linux-cve-announce/2026050805-CVE-2026-43473-cae2@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2026-43473
https://www.cve.org/CVERecord?id=CVE-2026-43473

History

Sat, 09 May 2026 12:15:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-825
References		https://lore.kernel.org/linux-cve-announce/2026050805-CVE-2026-43473-cae2@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2026-43473 https://www.cve.org/CVERecord?id=CVE-2026-43473
Metrics	threat_severity `None`	cvssV3_1 `{'score': 7.0, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H'}` threat_severity `Moderate`

Sat, 09 May 2026 06:30:00 +0000

Type	Values Removed	Values Added
References	https://git.kernel.org/stable/c/f8e833572a3e12a2a1ffe7b3646af024264d38ca

Fri, 08 May 2026 20:15:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-416

Fri, 08 May 2026 14:45:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Add NULL checks when resetting request and reply queues The driver encountered a crash during resource cleanup when the reply and request queues were NULL due to freed memory. This issue occurred when the creation of reply or request queues failed, and the driver freed the memory first, but attempted to mem set the content of the freed memory, leading to a system crash. Add NULL pointer checks for reply and request queues before accessing the reply/request memory during cleanup
Title		scsi: mpi3mr: Add NULL checks when resetting request and reply queues
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/220d7ca70611a73d50ef8e9edac630ed1ececb7c https://git.kernel.org/stable/c/78d3f201f8b609928eade53cf03a52df5415aaf7 https://git.kernel.org/stable/c/7da755e0d02e9ca035065127e108d1fed8950dc8 https://git.kernel.org/stable/c/7df0296ad4e9253d12c6dbe7f120044dddc95600 https://git.kernel.org/stable/c/e978a36f332ede78eb4de037b517db16265d420d https://git.kernel.org/stable/c/f8e833572a3e12a2a1ffe7b3646af024264d38ca https://git.kernel.org/stable/c/fa96392ebebc8fade2b878acb14cce0f71016503

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-05-08T14:22:32.210Z

Updated: 2026-05-09T04:11:06.114Z

Reserved: 2026-05-01T14:12:56.011Z

Link: CVE-2026-43473

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-05-08T15:17:00.453

Modified: 2026-05-09T06:16:15.580

Link: CVE-2026-43473

Redhat

Severity : Moderate

Publid Date: 2026-05-08T00:00:00Z

Links: CVE-2026-43473 - Bugzilla

OpenCVE Enrichment

Updated: 2026-05-09T13:45:34Z

Weaknesses

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Project Subscriptions

Projects

JSON object

JSON object

JSON object

JSON object

JSON object