Linux Kernel Vulnerability in ASoC Audio Driver of AMD Products
CVE-2026-43480

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 13 May 2026

What is CVE-2026-43480?

A vulnerability exists in the ASoC audio driver for AMD products within the Linux kernel, specifically related to the acp3x_5682_init() function. The absence of error checking for the return value of clk_get() can result in the dereferencing of error pointers in the rt5682_clk_enable() function, leading to potential instability or crashes. The issue has been addressed by replacing clk_get() with the device-managed devm_clk_get() and incorporating proper IS_ERR() checks to ensure robust error handling for clock acquisitions.

Affected Version(s)

Linux 6b8e4e7db3cd236a2cbb720360fb135087a2ac1d < 2dc43ac8da7b2bebc5a51a3d86a6275d78f27cff

Linux 6b8e4e7db3cd236a2cbb720360fb135087a2ac1d < 4d802f23fcbfec05134653fd001f6c7c3fd55196

Linux 6b8e4e7db3cd236a2cbb720360fb135087a2ac1d < 2b0c4a399c8d27f20ecf17dda76751141d6dbb59

References

https://git.kernel.org/stable/c/2dc43ac8da7b2bebc5a51a3d8...

https://git.kernel.org/stable/c/4d802f23fcbfec05134653fd0...

https://git.kernel.org/stable/c/2b0c4a399c8d27f20ecf17dda...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 13, 2026
Vulnerability Reserved
May 1, 2026

CVE-2026-43480 Data

JSON