Linux Kernel: ASoC acp3x-rt5682-max9836 missing clock check causes NULL deref
CVE-2026-43480 Published on May 13, 2026
ASoC: amd: acp3x-rt5682-max9836: Add missing error check for clock acquisition
In the Linux kernel, the following vulnerability has been resolved:
ASoC: amd: acp3x-rt5682-max9836: Add missing error check for clock acquisition
The acp3x_5682_init() function did not check the return value of
clk_get(), which could lead to dereferencing error pointers in
rt5682_clk_enable().
Fix this by:
1. Changing clk_get() to the device-managed devm_clk_get().
2. Adding proper IS_ERR() checks for both clock acquisitions.
Products Associated with CVE-2026-43480
Want to know whenever a new CVE is published for Linux Kernel? stack.watch will email you.
Affected Versions
Linux:- Version 6b8e4e7db3cd236a2cbb720360fb135087a2ac1d and below 2dc43ac8da7b2bebc5a51a3d86a6275d78f27cff is affected.
- Version 6b8e4e7db3cd236a2cbb720360fb135087a2ac1d and below 4d802f23fcbfec05134653fd001f6c7c3fd55196 is affected.
- Version 6b8e4e7db3cd236a2cbb720360fb135087a2ac1d and below 2b0c4a399c8d27f20ecf17dda76751141d6dbb59 is affected.
- Version 6b8e4e7db3cd236a2cbb720360fb135087a2ac1d and below 35c7624d30cb45ec336cd16ce072acc32ae351cb is affected.
- Version 6b8e4e7db3cd236a2cbb720360fb135087a2ac1d and below 33de168afdd57265a0e0c20dbd3648a2d8f7cdc4 is affected.
- Version 6b8e4e7db3cd236a2cbb720360fb135087a2ac1d and below 790851ecc983c719fa2e6adb17b02f3acc1d217d is affected.
- Version 6b8e4e7db3cd236a2cbb720360fb135087a2ac1d and below 092522621901b5e6af61db04a53f5b313903c6d0 is affected.
- Version 6b8e4e7db3cd236a2cbb720360fb135087a2ac1d and below 53f3a900e9a383d47af7253076e19f510c5708d0 is affected.
- Version 5.7 is affected.
- Before 5.7 is unaffected.
- Version 5.10.253, <= 5.10.* is unaffected.
- Version 5.15.203, <= 5.15.* is unaffected.
- Version 6.1.167, <= 6.1.* is unaffected.
- Version 6.6.130, <= 6.6.* is unaffected.
- Version 6.12.78, <= 6.12.* is unaffected.
- Version 6.18.19, <= 6.18.* is unaffected.
- Version 6.19.9, <= 6.19.* is unaffected.
- Version 7.0, <= * is unaffected.