CVE-2026-43135 - Vulnerability Details

- media: cx23885: Add missing unmap in snd_cx23885_hw_params()

Description

In the Linux kernel, the following vulnerability has been resolved:

media: cx23885: Add missing unmap in snd_cx23885_hw_params()

In error path, add cx23885_alsa_dma_unmap() to release the
resource acquired by cx23885_alsa_dma_map().

Published: 2026-05-06

Score: n/a

EPSS: n/a

KEV: No

Impact:

Action:

Analysis

Impact

The Linux kernel driver for CX23885 audio hardware contains a flaw where an error path fails to call cx23885_alsa_dma_unmap(), leaving a DMA mapping unreleased. This leads to a resource leak; subsequent attempts to map or use the device may fail, potentially corrupting memory or exhausting kernel address space. The impact is that an attacker who can control the driver’s initialization or can trigger repeated failures could cause the system to become unstable or crash, affecting availability.

Affected Systems

All Linux kernel installations that include the media driver cx23885, regardless of vendor. Any system running an older kernel that uses the cx23885 module is potentially affected; the problem does not appear to affect other drivers.

Risk and Exploitability

The vulnerability is a resource‑leak flaw (CWE‑401). No public exploit has been reported and it is not listed in CISA’s KEV catalog. The EPSS score is not available, so the likelihood of exploitation remains uncertain. However, because the flaw can lead to system instability or DoS, it should be treated with caution. The severity depends on whether the affected device is actively used; a server with no CX23885 hardware is not impacted even if the driver remains compiled.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Linux

unaffected

Version	Status	Constraints
`9529a4b0cf49163e489446ec159a2dfb64f78df8`	affected	< fda46c9025b755ea50a969b960f333be62421b71
`9529a4b0cf49163e489446ec159a2dfb64f78df8`	affected	< 0b7f56084cc3d7766bf274b71cd14cc9674b76bf
`9529a4b0cf49163e489446ec159a2dfb64f78df8`	affected	< 505630dd1ebf4b53d3f2866c057ddd93157a24d8
`9529a4b0cf49163e489446ec159a2dfb64f78df8`	affected	< 544215cc37d032ccaf1919852c05e2439a4d7540
`9529a4b0cf49163e489446ec159a2dfb64f78df8`	affected	< 9c0a6ff538660c36a98081916a24f08d55a91331
`9529a4b0cf49163e489446ec159a2dfb64f78df8`	affected	< 9544b73cad4ee667fed6a60f71570c58a870a735
`9529a4b0cf49163e489446ec159a2dfb64f78df8`	affected	< fc4df593a8ffded2f77d69a73ecb51d364932ca5
`9529a4b0cf49163e489446ec159a2dfb64f78df8`	affected	< 141c81849fab2ad4d6e3fdaff7cbaa873e8b5eb2

Linux

affected

Version	Status	Constraints
`3.18`	affected	—
`0`	unaffected	< 3.18
`5.10.252`	unaffected	≤ 5.10.*
`5.15.202`	unaffected	≤ 5.15.*
`6.1.165`	unaffected	≤ 6.1.*
`6.6.128`	unaffected	≤ 6.6.*
`6.12.75`	unaffected	≤ 6.12.*
`6.18.16`	unaffected	≤ 6.18.*
`6.19.6`	unaffected	≤ 6.19.*
`7.0`	unaffected	≤ *

No data.

Vendor Product Confidence Versions

Linux

Linux Kernel

99%

Version	Status	Scheme	Platform
`[9529a4b0cf49163e489446ec159a2dfb64f78df8,fda46c9025b755ea50a969b960f333be62421b71)`	affected	code_commit	—
`[9529a4b0cf49163e489446ec159a2dfb64f78df8,0b7f56084cc3d7766bf274b71cd14cc9674b76bf)`	affected	code_commit	—
`[9529a4b0cf49163e489446ec159a2dfb64f78df8,505630dd1ebf4b53d3f2866c057ddd93157a24d8)`	affected	code_commit	—
`[9529a4b0cf49163e489446ec159a2dfb64f78df8,544215cc37d032ccaf1919852c05e2439a4d7540)`	affected	code_commit	—
`[9529a4b0cf49163e489446ec159a2dfb64f78df8,9c0a6ff538660c36a98081916a24f08d55a91331)`	affected	code_commit	—
`[9529a4b0cf49163e489446ec159a2dfb64f78df8,9544b73cad4ee667fed6a60f71570c58a870a735)`	affected	code_commit	—
`[9529a4b0cf49163e489446ec159a2dfb64f78df8,fc4df593a8ffded2f77d69a73ecb51d364932ca5)`	affected	code_commit	—
`[9529a4b0cf49163e489446ec159a2dfb64f78df8,141c81849fab2ad4d6e3fdaff7cbaa873e8b5eb2)`	affected	code_commit	—

Linux

Linux Kernel

99%

Version	Status	Scheme	Platform
`3.18`	affected	semver	—
`[0,3.18)`	unaffected	semver	—
`[5.10.252,5.11.0)`	unaffected	semver	—
`[5.15.202,5.16.0)`	unaffected	semver	—
`[6.1.165,6.2.0)`	unaffected	semver	—
`[6.6.128,6.7.0)`	unaffected	semver	—
`[6.12.75,6.13.0)`	unaffected	semver	—
`[6.18.16,6.19.0)`	unaffected	semver	—
`[6.19.6,6.20.0)`	unaffected	semver	—
`[7.0,*]`	unaffected	generic	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Apply the latest Linux kernel patch that implements the missing unmap in snd_cx23885_hw_params(); the patch is available in kernel revisions after commit 0b7f5608.
If an update cannot be applied immediately, disable the cx23885 device in the kernel configuration, or unload the module to prevent its usage until the fix is applied.
Monitor system logs (dmesg, /var/log/kern.log) for DMA mapping or resource allocation errors, and set alerts for any kernel panics or repeated allocation failures.

Generated by OpenCVE AI on May 6, 2026 at 13:50 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://git.kernel.org/stable/c/0b7f56084cc3d7766bf274b71cd14cc9674b76bf
https://git.kernel.org/stable/c/141c81849fab2ad4d6e3fdaff7cbaa873e8b5eb2
https://git.kernel.org/stable/c/505630dd1ebf4b53d3f2866c057ddd93157a24d8
https://git.kernel.org/stable/c/544215cc37d032ccaf1919852c05e2439a4d7540
https://git.kernel.org/stable/c/9544b73cad4ee667fed6a60f71570c58a870a735
https://git.kernel.org/stable/c/9c0a6ff538660c36a98081916a24f08d55a91331
https://git.kernel.org/stable/c/fc4df593a8ffded2f77d69a73ecb51d364932ca5
https://git.kernel.org/stable/c/fda46c9025b755ea50a969b960f333be62421b71

History

Wed, 06 May 2026 14:15:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-401

Wed, 06 May 2026 12:15:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: media: cx23885: Add missing unmap in snd_cx23885_hw_params() In error path, add cx23885_alsa_dma_unmap() to release the resource acquired by cx23885_alsa_dma_map().
Title		media: cx23885: Add missing unmap in snd_cx23885_hw_params()
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/0b7f56084cc3d7766bf274b71cd14cc9674b76bf https://git.kernel.org/stable/c/141c81849fab2ad4d6e3fdaff7cbaa873e8b5eb2 https://git.kernel.org/stable/c/505630dd1ebf4b53d3f2866c057ddd93157a24d8 https://git.kernel.org/stable/c/544215cc37d032ccaf1919852c05e2439a4d7540 https://git.kernel.org/stable/c/9544b73cad4ee667fed6a60f71570c58a870a735 https://git.kernel.org/stable/c/9c0a6ff538660c36a98081916a24f08d55a91331 https://git.kernel.org/stable/c/fc4df593a8ffded2f77d69a73ecb51d364932ca5 https://git.kernel.org/stable/c/fda46c9025b755ea50a969b960f333be62421b71

Subscriptions

Linux Linux Kernel

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-05-06T11:27:22.226Z

Updated: 2026-05-06T11:27:22.226Z

Reserved: 2026-05-01T14:12:55.988Z

Link: CVE-2026-43135

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2026-05-06T12:16:30.747

Modified: 2026-05-06T13:07:51.607

Link: CVE-2026-43135

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-06T15:00:06Z

Weaknesses

CWE-401

Impact

Affected Systems

Risk and Exploitability

Tracking

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object