Description
In the Linux kernel, the following vulnerability has been resolved:

mfd: macsmc: Initialize mutex

Initialize struct apple_smc's mutex in apple_smc_probe(). Using the
mutex uninitialized surprisingly resulted only in occasional NULL
pointer dereferences in apple_smc_read() calls from the probe()
functions of sub devices.
Published: 2026-05-06
Score: n/a
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

An uninitialized mutex in the Apple SMC (SMC) driver caused sporadic NULL pointer dereferences during probe operations, leading to kernel crashes and forced system reboots. The flaw represents a denial‑of‑service weakness, primarily due to improper initialization and subsequent null‑pointer dereference. Users of affected Linux kernels are at risk of abrupt service interruption whenever the SMC subsystem is interacted with during boot or runtime.

Affected Systems

All Linux kernel builds that include the vulnerable Apple SMC driver prior to the fix. No specific version numbers are listed, so any kernel containing the uninitialized mutex code is impacted.

Risk and Exploitability

The crash is deterministic only when Apple SMC operations are invoked; an attacker with kernel‑level or privileged access could trigger the vulnerability by interacting with SMC sub‑devices, making exploitation feasible in environments where such access is obtainable. EPSS is not available and the issue is not listed in CISA KEV, but the absence of a CVSS score does not diminish the potential for a system‑wide denial‑of‑service. The attack vector is inferred to be local privileged, given the kernel context of the fault.

Generated by OpenCVE AI on May 6, 2026 at 13:38 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update to a Linux kernel release that includes the Apple SMC mutex initialization fix
  • Rebuild the kernel ensuring the Apple SMC driver is configured to use the corrected probe function
  • Service or distinguish impacted nodes by reviewing dmesg logs for SMC NULL pointer errors and plan replacement or upgrade accordingly

Generated by OpenCVE AI on May 6, 2026 at 13:38 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 06 May 2026 14:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-476
CWE-665

Wed, 06 May 2026 12:15:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: mfd: macsmc: Initialize mutex Initialize struct apple_smc's mutex in apple_smc_probe(). Using the mutex uninitialized surprisingly resulted only in occasional NULL pointer dereferences in apple_smc_read() calls from the probe() functions of sub devices.
Title mfd: macsmc: Initialize mutex
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-05-06T11:27:39.223Z

Reserved: 2026-05-01T14:12:55.990Z

Link: CVE-2026-43160

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-05-06T12:16:33.997

Modified: 2026-05-06T13:07:51.607

Link: CVE-2026-43160

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-06T13:45:04Z

Weaknesses