{
  "public_date" : "2026-05-01T00:00:00Z",
  "bugzilla" : {
    "description" : "kernel: spi: stm32-ospi: Fix resource leak in remove() callback",
    "id" : "2464368",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2464368"
  },
  "cwe" : "CWE-772",
  "details" : [ "A flaw was found in the Linux kernel's stm32-ospi driver. The `remove()` callback, which is intended to clean up resources, could exit prematurely under certain power management conditions. This issue prevents the proper release of SPI controller and other system resources, potentially leading to resource exhaustion. This could allow a local attacker to cause a Denial of Service (DoS)." ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 10",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Not affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Not affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2026-43004\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-43004\nhttps://lore.kernel.org/linux-cve-announce/2026050153-CVE-2026-43004-13b2@gregkh/T" ],
  "name" : "CVE-2026-43004",
  "csaw" : false
}