CVE-2026-43276

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A use-after-free crash occurs on the service rescan PCI path. When mana serv reset() calls mana gd suspend(), the mana gd cleanup() function destroys the gc->service wq workqueue. If the subsequent mana gd resume() fails with -ETIMEDOUT or -EPROTO, the process continues to mana serv rescan(), which triggers pci stop and remove bus device(). This action invokes the PCI .remove callback (mana gd remove), which calls mana gd cleanup() a second time, attempting to destroy the already freed gc->service wq variable.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.