What is GHSA-px47-fmm9-rxw4?

GHSA-px47-fmm9-rxw4 is a security advisory published by GitHub Security Advisories with Medium severity. In the Linux kernel, the following vulnerability has been resolved: ACPI: processor: Fix NULL...

Which CVE IDs does GHSA-px47-fmm9-rxw4 cover?

GHSA-px47-fmm9-rxw4 covers the following CVE IDs: CVE-2026-43313. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-px47-fmm9-rxw4?

GHSA-px47-fmm9-rxw4 has a CVSS v3 base score of 5.5, published by GitHub Security Advisories.

GHSA-px47-fmm9-rxw4MediumCVSS 5.5

In the Linux kernel, the following vulnerability has been resolved: ACPI: processor: Fix NULL...

Vendor

GitHub Security Advisories

Published

May 8, 2026

Last Modified

May 15, 2026

🔗 CVE IDs covered (1)

CVE-2026-43313 →

📋 Description

In the Linux kernel, the following vulnerability has been resolved: ACPI: processor: Fix NULL-pointer dereference in acpi_processor_errata_piix4() In acpi_processor_errata_piix4(), the pointer dev is first assigned an IDE device and then reassigned an ISA device: dev = pci_get_subsys(..., PCI_DEVICE_ID_INTEL_82371AB, ...); dev = pci_get_subsys(..., PCI_DEVICE_ID_INTEL_82371AB_0, ...); If the first lookup succeeds but the second fails, dev becomes NULL. This leads to a potential null-pointer dereference when dev_dbg() is called: if (errata.piix4.bmisx) dev_dbg(&dev->dev, ...); To prevent this, use two temporary pointers and retrieve each device independently, avoiding overwriting dev with a possible NULL value. [ rjw: Subject adjustment, added an empty code line ]

🔗 CVE IDs covered (1)

📋 Description

🔗 References (9)