CVE-2026-43147

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A deadlock occurs in the Linux kernel when sriov del vfs() is called as part of pci stop and remove bus device(). This happens because the system recursively attempts to acquire the pci rescan remove lock while the lock is already held. The issue can be triggered by writing to the sriov numvfs and remove files within the /sys/bus/pci/devices/ directory. The deadlock involves the sriov disable() function and the pci stop and remove bus device locked() function.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.