CVE-2026-43328

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A double free issue exists in the cpufreq dbs governor init() function error path. When the kobject init and add() function fails, the system calls kobject put(&dbs data->attr set.kobj), which triggers the cpufreq dbs data release() callback. This callback executes gov->exit(dbs data) and kfree(dbs data). However, the error path subsequently calls gov->exit(dbs data) and kfree(dbs data) again, leading to a double free condition.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.