CVE-2026-43283
Description
In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ec_bhf: Fix dma_free_coherent() dma handle dma_free_coherent() in error path takes priv->rx_buf.alloc_len as the dma handle. This would lead to improper unmapping of the buffer. Change the dma handle to priv->rx_buf.alloc_phys.
Predictions
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: debian — https://security-tracker.debian.org/tracker/CVE-2026-43283
Vendor advisory: suse — https://www.suse.com/security/cve/CVE-2026-43283.html
Vendor advisory: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 — https://git.kernel.org/stable/c/ffe68c3766997d82e9ccaf1cdbd47eba269c4aa2
Vendor advisory: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 — https://git.kernel.org/stable/c/accd0599bc8e73b962247c6c6c70ca7aa1f8e8d0
Vendor advisory: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 — https://git.kernel.org/stable/c/8320727be7ff704e07c87624efc2a4a75f54b3ce
Vendor advisory: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 — https://git.kernel.org/stable/c/7e54ff938bebb173822b4c38b33fc164c1cabf92
Vendor advisory: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 — https://git.kernel.org/stable/c/1e300c33ef3cc544c2b9c693778fe9490cfe9184
Vendor advisory: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 — https://git.kernel.org/stable/c/1b1d3c5d58a80a19d017a409aa2308162bab5bbf
Vendor advisory: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 — https://git.kernel.org/stable/c/1b1371cd4032ae859838ebc74215f569987bb197
Vendor advisory: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 — https://git.kernel.org/stable/c/0f589ee54fd6d76d3f75e745f7f12c64cbd749e5
OS impact
| OS | Version | Status | Fixed in |
|---|---|---|---|
| sles | affected | | |
| debian | bookworm | fixed | 6.1.170-1 |
| debian | bullseye | affected | |
| debian | forky | fixed | 6.19.6-1 |
| debian | sid | fixed | 6.19.6-1 |
| debian | trixie | fixed | 6.12.85-1 |
| linux-kernel | affected | 5.10.252 | |
| linux-kernel | 3.15 | affected | |
References
- https://git.kernel.org/stable/c/0f589ee54fd6d76d3f75e745f7f12c64cbd749e5
- https://git.kernel.org/stable/c/1b1371cd4032ae859838ebc74215f569987bb197
- https://git.kernel.org/stable/c/1b1d3c5d58a80a19d017a409aa2308162bab5bbf
- https://git.kernel.org/stable/c/1e300c33ef3cc544c2b9c693778fe9490cfe9184
- https://git.kernel.org/stable/c/7e54ff938bebb173822b4c38b33fc164c1cabf92
- https://git.kernel.org/stable/c/8320727be7ff704e07c87624efc2a4a75f54b3ce
- https://git.kernel.org/stable/c/accd0599bc8e73b962247c6c6c70ca7aa1f8e8d0
- https://git.kernel.org/stable/c/ffe68c3766997d82e9ccaf1cdbd47eba269c4aa2
- https://www.suse.com/security/cve/CVE-2026-43283.html
- https://security-tracker.debian.org/tracker/CVE-2026-43283
Verify integrity in audit chain (admin only). AS-IS.