Zero Day MonitorZDM

← Back to list

—

CVE-2026-43160EXPLOITEDPATCHED

apple · macsmc

mfd: macsmc: Initialize mutex

Description

A vulnerability was found in Linux Kernel up to 6.18.15/6.19.5. It has been classified as critical. This impacts the function apple_smc_probe of the component mfd. Performing a manipulation results in uninitialized pointer. This vulnerability is cataloged as CVE-2026-43160. The attack must originate from the local network. There is no exploit available. Upgrading the affected component is recommended.

Affected Products

Vendor	Product	Versions
apple	macsmc	e038d985c9823a12cd64fa077d0c5aca2c644b67, e038d985c9823a12cd64fa077d0c5aca2c644b67, e038d985c9823a12cd64fa077d0c5aca2c644b67, 6.17, 6.18.15, 6.19.5

Also Affects

Downstream vendors/products affected by this vulnerability

Vendor	Product	Source	Confidence
linux	linux	mitre_affected	90%
open source	open source linux kernel	cert_advisory	90%

References

Related News (3 articles)

Tier B

BSI Advisories4d ago

[NEU] [mittel] Linux Kernel: Mehrere Schwachstellen

→ No new info (linked only)

Tier C

VulDB5d ago

CVE-2026-43160 | Linux Kernel up to 6.18.15/6.19.5 mfd apple_smc_probe uninitialized pointer

→ No new info (linked only)

Tier C

Linux Kernel CVEs5d ago

CVE-2026-43160: mfd: macsmc: Initialize mutex

→ No new info (linked only)

CISA KEV❌ No

Actively exploited✅ Yes

Patch available

a1e9e299c0d9ea42ab1067b39fb72e976d3f1bdb2d5932588f029f7787f52c29174fead9bbc6b2cf414f65d6736342c77d4ec5e7373039f4a09250dd06.18.166.19.67.0

PublishedMay 6, 2026

Last enriched5d agov3

Trending Score33

Source articles3

Independent3

Info Completeness7/14

Missing: cvss, epss, cwe, kev, exploit, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

Multiple vulnerabilities in Apple operating systems

MEDIUMCVE-2026-28950EXP

CVE-2026-28950: A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.7.8 and iPadOS 18.7.8, iOS 26.

HIGHCVE-2026-20652

The issue was addressed with improved memory handling. This issue is fixed in macOS Tahoe 26.3, iOS 18.7.5 and iPadOS 18.7.5, visionOS 26.3, iOS 26.3 and iPadOS 26.3, Safari 26.3. A remote attacker ma

MEDIUMCVE-2026-20608

This issue was addressed through improved state management. This issue is fixed in macOS Tahoe 26.3, iOS 18.7.5 and iPadOS 18.7.5, visionOS 26.3, iOS 26.3 and iPadOS 26.3, Safari 26.3. Processing mali

MEDIUMCVE-2026-20635

The issue was addressed with improved memory handling. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, iOS 18.7.5 and iPadOS 18.7.5, visionOS 26.3, iOS 26.3 and iPadOS 26.3, Safari 2

Pin to Dashboard

Verification

State: verified

Confidence: 0%

Vulnerability Timeline

CVE Published

May 6, 2026

Discovered by ZDM

May 6, 2026

Updated: affectedVersions

May 6, 2026

Actively Exploited

May 6, 2026

Patch Available

May 6, 2026

Updated: description, severity, affectedVersions, activelyExploited

May 6, 2026

Version History

v3

Last enriched 5d ago

v3Tier C5d ago

Updated severity to CRITICAL, added affected versions 6.18.15 and 6.19.5, and corrected exploit availability to false.

descriptionseverityaffectedVersionsactivelyExploited

via VulDB

v2Tier C5d ago

Added CVE-2026-43160, updated severity to LOW, and clarified affected versions.

affectedVersions

via Linux Kernel CVEs

v15d ago

Initial creation