{ "affected": [ { "ecosystem_specific": { "urgency": "not yet assigned" }, "package": { "ecosystem": "Debian:11", "name": "linux" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "5.10.257-1" } ], "type": "ECOSYSTEM" } ] }, { "ecosystem_specific": { "urgency": "not yet assigned" }, "package": { "ecosystem": "Debian:12", "name": "linux" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "6.1.170-1" } ], "type": "ECOSYSTEM" } ] }, { "ecosystem_specific": { "urgency": "not yet assigned" }, "package": { "ecosystem": "Debian:13", "name": "linux" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "6.12.85-1" } ], "type": "ECOSYSTEM" } ] }, { "ecosystem_specific": { "urgency": "not yet assigned" }, "package": { "ecosystem": "Debian:14", "name": "linux" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "6.19.6-1" } ], "type": "ECOSYSTEM" } ] } ], "details": "In the Linux kernel, the following vulnerability has been resolved: fbdev: of: display_timing: fix refcount leak in of_get_display_timings() of_parse_phandle() returns a device_node with refcount incremented, which is stored in 'entry' and then copied to 'native_mode'. When the error paths at lines 184 or 192 jump to 'entryfail', native_mode's refcount is not decremented, causing a refcount leak. Fix this by changing the goto target from 'entryfail' to 'timingfail', which properly calls of_node_put(native_mode) before cleanup.", "id": "DEBIAN-CVE-2026-43264", "modified": "2026-05-29T17:48:18.228573730Z", "published": "2026-05-06T12:16:47.373Z", "references": [ { "type": "ADVISORY", "url": "https://security-tracker.debian.org/tracker/CVE-2026-43264" } ], "severity": [ { "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "type": "CVSS_V3" } ], "upstream": [ "CVE-2026-43264" ] }