CVE-2026-43138

In the Linux kernel, the following vulnerability has been resolved:

reset: gpio: suppress bind attributes in sysfs

This is a special device that’s created dynamically and is supposed to
stay in memory forever. We also currently don’t have a devlink between
it and the actual reset consumer. Suppress sysfs bind attributes so that
user-space can’t unbind the device because – as of now – it will cause a
use-after-free splat from any user that puts the reset control handle.

More information : https://git.kernel.org/stable/c/09d6efc6abd42809956d598906c222ccd1c8ae92