CVE-2026-43301

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A PM runtime usage count underflow exists in the wave5 driver. The driver unconditionally calls the pm runtime put sync() function during the remove path, which may conflict with the pm runtime use autosuspend() function called during probe. If the device is already suspended due to autosuspend, the usage count is 0, and calling pm runtime put sync() decrements it to -1, leading to a kernel warning during module unload.

Recommendations Replace the pm runtime put sync() function with pm runtime dont use autosuspend() in the remove path to ensure proper pairing with the probe function and allow pm runtime disable() to handle reference count cleanup correctly.