製品・ソフトウェアに関する情報

JVN脆弱性詳細

LinuxのLinux Kernelにおける不特定の脆弱性

Title	LinuxのLinux Kernelにおける不特定の脆弱性
Summary	Linuxカーネルにおいて、comediの低レベルドライバにアタッチする際にdev-spinlockが再初期化される脆弱性が修正されました。struct comedi_deviceはCOMEDIデバイスを管理しており、そのspinlockは低レベルドライバによって共有されています。異なるドライバがアタッチされる際にspinlockのロックレベルの不一致が原因で不整合なロック状態が発生する可能性がありました。これを防ぐため、CONFIG_LOCKDEP設定が有効な場合にはattach関数の呼び出し前にspinlockが再初期化されるように修正されました。
Possible impacts	当該ソフトウェアが扱う情報について、外部への漏えいは発生しません。また、当該ソフトウェアが扱う情報について、書き換えは発生しません。さらに、当該ソフトウェアが完全に停止する可能性があります。そして、この脆弱性を悪用した攻撃の影響は、他のソフトウェアには及びません。
Solution	リリース情報、またはパッチ情報が公開されています。参考情報を参照して適切な対策を実施してください。
Publication Date	May 8, 2026, midnight
Registration Date	May 18, 2026, 11:27 a.m.
Last Update	May 18, 2026, 11:27 a.m.

CVSS3.0 : 警告
Score	5.5
Vector	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected System

Linux

Linux Kernel 2.6.29 以上 5.10.253 未満

Linux Kernel 5.11 以上 5.15.203 未満

Linux Kernel 5.16 以上 6.1.168 未満

Linux Kernel 6.13 以上 6.18.22 未満

Linux Kernel 6.19 以上 6.19.12 未満

Linux Kernel 6.2 以上 6.6.134 未満

Linux Kernel 6.7 以上 6.12.81 未満

Linux Kernel 7.0

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2026-43340	https://www.cve.org/CVERecord?id=CVE-2026-43340
National Vulnerability Database (NVD)
2	CVE-2026-43340	https://nvd.nist.gov/vuln/detail/CVE-2026-43340

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-noinfo	https://www.ipa.go.jp/security/vuln/scap/cwe.html

その他

No	Name	URL
関連文書
1	comedi: Reinit dev->spinlock between attachments to low-level drivers - kernel/git/stable/linux.git - Linux kernel stable tree (https://git.kernel.org/stable/c/2b1f49e4fdff3ef0f8e9158bbb5b149e06287560)	https://git.kernel.org/stable/c/2b1f49e4fdff3ef0f8e9158bbb5b149e06287560
2	comedi: Reinit dev->spinlock between attachments to low-level drivers - kernel/git/stable/linux.git - Linux kernel stable tree (https://git.kernel.org/stable/c/3181c34b415c5464be9d34bff3e43ef63b747039)	https://git.kernel.org/stable/c/3181c34b415c5464be9d34bff3e43ef63b747039
3	comedi: Reinit dev->spinlock between attachments to low-level drivers - kernel/git/stable/linux.git - Linux kernel stable tree (https://git.kernel.org/stable/c/430291d8f3884f57ae0057049b0ca291453e29e1)	https://git.kernel.org/stable/c/430291d8f3884f57ae0057049b0ca291453e29e1
4	comedi: Reinit dev->spinlock between attachments to low-level drivers - kernel/git/stable/linux.git - Linux kernel stable tree (https://git.kernel.org/stable/c/4b9a9a6d71e3e252032f959fb3895a33acb5865c)	https://git.kernel.org/stable/c/4b9a9a6d71e3e252032f959fb3895a33acb5865c
5	comedi: Reinit dev->spinlock between attachments to low-level drivers - kernel/git/stable/linux.git - Linux kernel stable tree (https://git.kernel.org/stable/c/4d5ffe524903a30e2e0da7d16841a56bec2de55c)	https://git.kernel.org/stable/c/4d5ffe524903a30e2e0da7d16841a56bec2de55c
6	comedi: Reinit dev->spinlock between attachments to low-level drivers - kernel/git/stable/linux.git - Linux kernel stable tree (https://git.kernel.org/stable/c/83134a7a176ce5b4b19b6edecf4360e8d98d1a5a)	https://git.kernel.org/stable/c/83134a7a176ce5b4b19b6edecf4360e8d98d1a5a
7	comedi: Reinit dev->spinlock between attachments to low-level drivers - kernel/git/stable/linux.git - Linux kernel stable tree (https://git.kernel.org/stable/c/b89c026227712c367950bbae055a5b31073d3b30)	https://git.kernel.org/stable/c/b89c026227712c367950bbae055a5b31073d3b30
8	comedi: Reinit dev->spinlock between attachments to low-level drivers - kernel/git/stable/linux.git - Linux kernel stable tree (https://git.kernel.org/stable/c/c01bcc67a9a692d65508ebd480405b5e77d562b7)	https://git.kernel.org/stable/c/c01bcc67a9a692d65508ebd480405b5e77d562b7

Change Log

No	Changed Details	Date of change
1	[2026年05月18日] 掲載	May 18, 2026, 11:27 a.m.

NVD Vulnerability Information

CVE-2026-43340

Summary	In the Linux kernel, the following vulnerability has been resolved: comedi: Reinit dev->spinlock between attachments to low-level drivers `struct comedi_device` is the main controlling structure for a COMEDI device created by the COMEDI subsystem. It contains a member `spinlock` containing a spin-lock that is initialized by the COMEDI subsystem, but is reserved for use by a low-level driver attached to the COMEDI device (at least since commit 25436dc9d84f ("Staging: comedi: remove RT code")). Some COMEDI devices (those created on initialization of the COMEDI subsystem when the "comedi.comedi_num_legacy_minors" parameter is non-zero) can be attached to different low-level drivers over their lifetime using the `COMEDI_DEVCONFIG` ioctl command. This can result in inconsistent lock states being reported when there is a mismatch in the spin-lock locking levels used by each low-level driver to which the COMEDI device has been attached. Fix it by reinitializing `dev->spinlock` before calling the low-level driver's `attach` function pointer if `CONFIG_LOCKDEP` is enabled.
Publication Date	May 8, 2026, 11:16 p.m.
Registration Date	May 9, 2026, 4:13 a.m.
Last Update	May 12, 2026, 11:10 p.m.

Related information, measures and tools

No	URL	refsource
1	https://git.kernel.org/stable/c/2b1f49e4fdff3ef0f8e9158bbb5b149e06287560	416baaa9-dc9f-4396-8d5f-8c081fb06d67
2	https://git.kernel.org/stable/c/3181c34b415c5464be9d34bff3e43ef63b747039	416baaa9-dc9f-4396-8d5f-8c081fb06d67
3	https://git.kernel.org/stable/c/430291d8f3884f57ae0057049b0ca291453e29e1	416baaa9-dc9f-4396-8d5f-8c081fb06d67
4	https://git.kernel.org/stable/c/4b9a9a6d71e3e252032f959fb3895a33acb5865c	416baaa9-dc9f-4396-8d5f-8c081fb06d67
5	https://git.kernel.org/stable/c/4d5ffe524903a30e2e0da7d16841a56bec2de55c	416baaa9-dc9f-4396-8d5f-8c081fb06d67
6	https://git.kernel.org/stable/c/83134a7a176ce5b4b19b6edecf4360e8d98d1a5a	416baaa9-dc9f-4396-8d5f-8c081fb06d67
7	https://git.kernel.org/stable/c/b89c026227712c367950bbae055a5b31073d3b30	416baaa9-dc9f-4396-8d5f-8c081fb06d67
8	https://git.kernel.org/stable/c/c01bcc67a9a692d65508ebd480405b5e77d562b7	416baaa9-dc9f-4396-8d5f-8c081fb06d67

Common Vulnerabilities List