CVE-2026-43357

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description In the mpu3050-core gyro component, the driver fails to check the return value of the pm runtime get sync() function. This allows the driver to attempt hardware access even if the device fails to resume. Additionally, the device usage count is incremented unconditionally. The issue is addressed by using pm runtime resume and get(), which ensures errors are propagated and prevents the usage count from increasing upon failure.

Recommendations Update the Linux kernel to a version where the pm runtime get sync() function is replaced by pm runtime resume and get() in the mpu3050-core driver and pm runtime put autosuspend() is added to the set 8khz samplerate() failure path in preenable.