PatchSiren

CVE-2026-43473 Git CVE debrief

CVE-2026-43473 affects the Linux kernel mpi3mr SCSI driver cleanup path. According to the supplied record, if reply or request queue creation failed and memory was freed first, the driver could still try to reset or memset that queue state during cleanup. That could crash the system. The fix adds NULL checks before accessing the reply/request queue memory.

Vendor: Git
Product: Unknown
CVSS: Unknown
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-05-08
Original CVE updated: 2026-05-09
Advisory published: 2026-05-08
Advisory updated: 2026-05-09

Who should care

Linux kernel maintainers, distro kernel packagers, storage platform vendors, and operators running systems that use the mpi3mr SCSI driver. This is especially relevant where queue creation or teardown failures can occur during device initialization, error handling, or resource cleanup.

Technical summary

The vulnerability is a cleanup-path bug in the mpi3mr driver. When reply or request queue creation failed, the associated memory could already be freed or the pointer could be NULL, but the driver still attempted to access and reset the queue contents. The resolved change adds explicit NULL pointer checks before touching reply/request queue memory during cleanup, preventing access to invalid memory and the resulting crash.

Defensive priority

Medium priority for affected systems: the issue is described as a kernel crash in a driver cleanup path, and the corpus does not provide CVSS scoring or broader exploitation context. Systems that load mpi3mr should prioritize patched kernels or backports.

Recommended defensive actions

  • Apply the Linux kernel fix referenced by the linked kernel.org stable commits and ensure the change is backported to your supported kernel lines.
  • Inventory systems that load or may load the mpi3mr SCSI driver, especially storage platforms and appliances built on Linux kernels.
  • Validate cleanup and failure-path behavior in non-production test systems after patching to confirm queue allocation failures no longer trigger crashes.
  • Monitor kernel logs for oopses or crashes tied to mpi3mr resource cleanup until patched builds are deployed.
  • Coordinate with your kernel vendor or distribution to confirm the exact release that includes this fix, since the provided corpus does not include version ranges.
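
One way to implement the kernel-log monitoring action above, as an added example that is not part of the original debrief or the kernel project's code: it groups kernel log lines into crash reports and keeps those whose call trace contains a frame tagged [mpi3mr]. The log lines are constructed, and the function names and the second module name in them are placeholders, not real driver symbols.

```python
import re
import sys

MODULE = "mpi3mr"  # driver named in the advisory
# Standard prefixes that open a kernel crash report, and the marker that closes it.
START = re.compile(r"BUG: |Oops: |general protection fault|Unable to handle kernel")
END = re.compile(r"---\[ end trace")
# A call-trace frame attributed to a module: func+0x1a/0x80 [module]
FRAME = re.compile(r"(\S+\+0x[0-9a-f]+/0x[0-9a-f]+) \[(\w+)\]")
STAMP = re.compile(r"^\[\s*\d+\.\d+\]\s?")  # dmesg timestamp prefix

def find_module_crashes(lines, module=MODULE):
    """Return one dict per crash report whose call trace includes `module`."""
    hits, current = [], None
    for raw in lines:
        line = STAMP.sub("", raw.rstrip("\n"))
        if current is None:
            if START.search(line):
                current = {"header": line.strip(), "frames": []}
            continue
        m = FRAME.search(line)
        if m and m.group(2) == module:
            current["frames"].append(m.group(1))
        if END.search(line):
            if current["frames"]:
                hits.append(current)
            current = None
    if current and current["frames"]:  # report cut off before its end marker
        hits.append(current)
    return hits

# Constructed sample: function names and "othermod" are placeholders, not real symbols.
SAMPLE = """\
[  101.000001] BUG: kernel NULL pointer dereference, address: 0000000000000000
[  101.000002] Call Trace:
[  101.000003]  example_queue_reset+0x4a/0x120 [mpi3mr]
[  101.000004]  example_cleanup+0x2f/0x400 [mpi3mr]
[  101.000005] ---[ end trace 0000000000000000 ]---
[  202.000001] BUG: unable to handle page fault for address: ffffffffc0000000
[  202.000002] Call Trace:
[  202.000003]  other_fn+0x10/0x20 [othermod]
[  202.000004] ---[ end trace 0000000000000000 ]---
""".splitlines()

if __name__ == "__main__":
    source = SAMPLE if sys.stdin.isatty() else sys.stdin
    for hit in find_module_crashes(source):
        print(hit["header"], "->", ", ".join(hit["frames"]))
```

Piping `dmesg` or `journalctl -k` output into the script scans a live host; with no piped input it runs over the constructed sample.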

Evidence notes

The supplied NVD record for CVE-2026-43473 was published on 2026-05-08 and modified on 2026-05-09. Its description states that resource cleanup could crash when reply/request queues were NULL due to freed memory after queue creation failure, and that the fix adds NULL checks before accessing the queue memory. NVD also lists multiple kernel.org stable references associated with the fix. The corpus does not include CVSS metrics, affected version ranges, or commit contents, so impact should be scoped conservatively from the driver/cleanup-path description alone.

Official resources

The CVE was published in the supplied corpus on 2026-05-08 and modified on 2026-05-09. No KEV entry is listed in the provided data.