CVE-2026-43340

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description In the COMEDI subsystem, the struct comedi device contains a spinlock member intended for use by low-level drivers. Certain COMEDI devices can be attached to different low-level drivers during their lifetime via the 'COMEDI DEVCONFIG' ioctl command. This process can lead to inconsistent lock states if there is a mismatch in the spin-lock locking levels used by the successive low-level drivers. The issue occurs specifically when CONFIG LOCKDEP (a lock dependency validator) is enabled.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.