Linux Kernel Vulnerability in VC4 DRM Component
CVE-2026-43072

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 5 May 2026

What is CVE-2026-43072?

A vulnerability exists in the Linux kernel's VC4 DRM component, specifically in how the function platform_get_irq_byname() handles errors. If an error occurs, this function can return a negative value, which must be checked before passing it directly to devm_request_threaded_irq(). Failing to do so could lead to undefined behavior or system instability, as the improper handling of IRQ requests can disrupt the expected operation of devices relying on this subsystem.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 63c11b19cdc154fa848a6c3b535bfb1dc7b60378

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 0185e0494a561edfc482507f9de89c2ad798b33d

References

https://git.kernel.org/stable/c/63c11b19cdc154fa848a6c3b5...

https://git.kernel.org/stable/c/ef2ee9db13b68c5e332b77c0a...

https://git.kernel.org/stable/c/0185e0494a561edfc482507f9...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 5, 2026
Vulnerability Reserved
May 1, 2026

CVE-2026-43072 Data

JSON