CVE-2026-43480 PUBLISHED

ASoC: amd: acp3x-rt5682-max9836: Add missing error check for clock acquisition

Assigner: Linux
Reserved: 01.05.2026 Published: 13.05.2026 Updated: 13.05.2026

In the Linux kernel, the following vulnerability has been resolved:

ASoC: amd: acp3x-rt5682-max9836: Add missing error check for clock acquisition

The acp3x_5682_init() function did not check the return value of clk_get(), which could lead to dereferencing error pointers in rt5682_clk_enable().

Fix this by: 1. Changing clk_get() to the device-managed devm_clk_get(). 2. Adding proper IS_ERR() checks for both clock acquisitions.

Vendor	Linux
Product	Linux
Versions	Default: unaffected affected from 6b8e4e7db3cd236a2cbb720360fb135087a2ac1d to 2dc43ac8da7b2bebc5a51a3d86a6275d78f27cff (excl.) affected from 6b8e4e7db3cd236a2cbb720360fb135087a2ac1d to 4d802f23fcbfec05134653fd001f6c7c3fd55196 (excl.) affected from 6b8e4e7db3cd236a2cbb720360fb135087a2ac1d to 2b0c4a399c8d27f20ecf17dda76751141d6dbb59 (excl.) affected from 6b8e4e7db3cd236a2cbb720360fb135087a2ac1d to 35c7624d30cb45ec336cd16ce072acc32ae351cb (excl.) affected from 6b8e4e7db3cd236a2cbb720360fb135087a2ac1d to 33de168afdd57265a0e0c20dbd3648a2d8f7cdc4 (excl.) affected from 6b8e4e7db3cd236a2cbb720360fb135087a2ac1d to 790851ecc983c719fa2e6adb17b02f3acc1d217d (excl.) affected from 6b8e4e7db3cd236a2cbb720360fb135087a2ac1d to 092522621901b5e6af61db04a53f5b313903c6d0 (excl.) affected from 6b8e4e7db3cd236a2cbb720360fb135087a2ac1d to 53f3a900e9a383d47af7253076e19f510c5708d0 (excl.)

Vendor	Linux
Product	Linux
Versions	Default: affected Version 5.7 is affected unaffected from 0 to 5.7 (excl.) unaffected from 5.10.253 to 5.10.* (incl.) unaffected from 5.15.203 to 5.15.* (incl.) unaffected from 6.1.167 to 6.1.* (incl.) unaffected from 6.6.130 to 6.6.* (incl.) unaffected from 6.12.78 to 6.12.* (incl.) unaffected from 6.18.19 to 6.18.* (incl.) unaffected from 6.19.9 to 6.19.* (incl.) unaffected from 7.0 to * (incl.)