Bug 2468154 (CVE-2026-43357)

Summary: CVE-2026-43357 kernel: iio: gyro: mpu3050-core: fix pm_runtime error handling
Product: [Other] Security Response Reporter: OSIDB Bzimport <bzimport>
Component: vulnerabilityAssignee: Product Security DevOps Team <prodsec-dev>
Status: NEW --- QA Contact:
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: unspecifiedCC: rhel-process-autobot, watson-tool-maintainers
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: ---
Doc Text:
A flaw was found in the `iio: gyro: mpu3050-core` driver of the Linux kernel. Incorrect error handling in the power management runtime functions allows the driver to attempt accessing hardware that may have failed to resume. This can lead to an unconditionally incremented device usage count, potentially causing system instability or resource exhaustion.
 Story Points: ---
Clone Of: Environment:
Last Closed: Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description OSIDB Bzimport 2026-05-08 15:02:00 UTC 
In the Linux kernel, the following vulnerability has been resolved:

iio: gyro: mpu3050-core: fix pm_runtime error handling

The return value of pm_runtime_get_sync() is not checked, allowing
the driver to access hardware that may fail to resume. The device
usage count is also unconditionally incremented. Use
pm_runtime_resume_and_get() which propagates errors and avoids
incrementing the usage count on failure.

In preenable, add pm_runtime_put_autosuspend() on set_8khz_samplerate()
failure since postdisable does not run when preenable fails.
Comment 1 Keith Grant 2026-05-08 20:11:10 UTC 
Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2026050824-CVE-2026-43357-4d3f@gregkh/T