Description
In the Linux kernel, the following vulnerability has been resolved:

net: dsa: microchip: Fix error path in PTP IRQ setup

If request_threaded_irq() fails during the PTP message IRQ setup, the
newly created IRQ mapping is never disposed. Indeed, the
ksz_ptp_irq_setup()'s error path only frees the mappings that were
successfully set up.

Dispose the newly created mapping if the associated
request_threaded_irq() fails at setup.
Published: 2026-05-08
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The flaw occurs in the Linux kernel’s microchip Distributed Switch Architecture driver during PTP message interrupt setup. If request_threaded_irq() fails, the freshly created IRQ mapping is not freed – the error path only frees mappings that were successfully set up. The orphaned mapping leaves a dangling resource, which can lead to resource exhaustion and a potential denial of service.

Affected Systems

All Linux kernel versions containing the microchip DSA driver before the commit that introduces the fix are affected. Any distribution running such a kernel without the patch is at risk. The affected code path is present in the mainstream kernel series and in recent release candidates such as 7.0 rc1 through rc3.

Risk and Exploitability

The CVSS score of 5.5 classifies this issue as medium severity. An EPSS score of less than 1% indicates a low likelihood of exploitation in the wild. The vulnerability is not listed in CISA’s KEV catalog and no publicly known exploit exists. Exploitation would require an attacker to repeatedly trigger failures during PTP IRQ setup, which typically demands privileged or highly targeted network activity. If achieved, the attacker could drain IRQ mapping or other system resources, causing a denial of service, but no remote code execution is possible.

Generated by OpenCVE AI on May 15, 2026 at 18:24 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the kernel patch that adds cleanup for the PTP IRQ mapping, ensuring the system runs a kernel with commit 3704ac6a0d9a78f66a187515a8ca3faedaf01cc5 or newer.
  • Disable or unload the microchip DSA driver or PTP subsystem if it is not needed, thereby removing the vulnerable code path from the system.
  • Monitor system logs for repeated request_threaded_irq failures and verify that IRQ mapping counts remain stable after applying the update.

Generated by OpenCVE AI on May 15, 2026 at 18:24 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 15 May 2026 17:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-401

Fri, 15 May 2026 15:30:00 +0000

Type Values Removed Values Added
Weaknesses NVD-CWE-noinfo
CPEs cpe:2.3:o:linux:linux_kernel:6.18:-:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc3:*:*:*:*:*:*
Metrics cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

Sat, 09 May 2026 00:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-772
References

Fri, 08 May 2026 16:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-401

Fri, 08 May 2026 14:45:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: net: dsa: microchip: Fix error path in PTP IRQ setup If request_threaded_irq() fails during the PTP message IRQ setup, the newly created IRQ mapping is never disposed. Indeed, the ksz_ptp_irq_setup()'s error path only frees the mappings that were successfully set up. Dispose the newly created mapping if the associated request_threaded_irq() fails at setup.
Title net: dsa: microchip: Fix error path in PTP IRQ setup
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-05-23T16:06:51.157Z

Reserved: 2026-05-01T14:12:56.006Z

Link: CVE-2026-43372

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2026-05-08T15:16:48.313

Modified: 2026-05-15T15:17:06.590

Link: CVE-2026-43372

cve-icon Redhat

Severity :

Publid Date: 2026-05-08T00:00:00Z

Links: CVE-2026-43372 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-05-15T18:30:05Z

Weaknesses