{"id":"CVE-2026-43480","summary":"ASoC: amd: acp3x-rt5682-max9836: Add missing error check for clock acquisition","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: amd: acp3x-rt5682-max9836: Add missing error check for clock acquisition\n\nThe acp3x_5682_init() function did not check the return value of\nclk_get(), which could lead to dereferencing error pointers in\nrt5682_clk_enable().\n\nFix this by:\n1. Changing clk_get() to the device-managed devm_clk_get().\n2. Adding proper IS_ERR() checks for both clock acquisitions.","modified":"2026-07-15T01:49:14.898515591Z","published":"2026-05-13T15:08:28.517Z","database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/43xxx/CVE-2026-43480.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/092522621901b5e6af61db04a53f5b313903c6d0"},{"type":"WEB","url":"https://git.kernel.org/stable/c/2b0c4a399c8d27f20ecf17dda76751141d6dbb59"},{"type":"WEB","url":"https://git.kernel.org/stable/c/2dc43ac8da7b2bebc5a51a3d86a6275d78f27cff"},{"type":"WEB","url":"https://git.kernel.org/stable/c/33de168afdd57265a0e0c20dbd3648a2d8f7cdc4"},{"type":"WEB","url":"https://git.kernel.org/stable/c/35c7624d30cb45ec336cd16ce072acc32ae351cb"},{"type":"WEB","url":"https://git.kernel.org/stable/c/4d802f23fcbfec05134653fd001f6c7c3fd55196"},{"type":"WEB","url":"https://git.kernel.org/stable/c/53f3a900e9a383d47af7253076e19f510c5708d0"},{"type":"WEB","url":"https://git.kernel.org/stable/c/790851ecc983c719fa2e6adb17b02f3acc1d217d"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/43xxx/CVE-2026-43480.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-43480"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"6b8e4e7db3cd236a2cbb720360fb135087a2ac1d"},{"fixed":"2dc43ac8da7b2bebc5a51a3d86a6275d78f27cff"},{"fixed":"4d802f23fcbfec05134653fd001f6c7c3fd55196"},{"fixed":"2b0c4a399c8d27f20ecf17dda76751141d6dbb59"},{"fixed":"35c7624d30cb45ec336cd16ce072acc32ae351cb"},{"fixed":"33de168afdd57265a0e0c20dbd3648a2d8f7cdc4"},{"fixed":"790851ecc983c719fa2e6adb17b02f3acc1d217d"},{"fixed":"092522621901b5e6af61db04a53f5b313903c6d0"},{"fixed":"53f3a900e9a383d47af7253076e19f510c5708d0"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-43480.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"5.7.0"},{"fixed":"5.10.253"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.11.0"},{"fixed":"5.15.203"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.16.0"},{"fixed":"6.1.167"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.2.0"},{"fixed":"6.6.130"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.7.0"},{"fixed":"6.12.78"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.13.0"},{"fixed":"6.18.19"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.19.0"},{"fixed":"6.19.9"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-43480.json"}}],"schema_version":"1.7.5"}