CVE-2026-43337

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A NULL pointer dereference exists in the dcn401 init hw() function. The issue occurs because the function assumes the update bw bounding box() callback is valid when entering the update path. Specifically, a conditional check allows the freq changed branch to evaluate as true regardless of whether the callback pointer is valid, potentially leading to the execution of update bw bounding box() while it is NULL. This is resolved by validating the callback, dc->clk mgr, and bw params before use.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.