CVE-2026-43487 - Vulnerability Details

- ata: libata-core: Disable LPM on ST1000DM010-2EP102

Description

In the Linux kernel, the following vulnerability has been resolved:

ata: libata-core: Disable LPM on ST1000DM010-2EP102

According to a user report, the ST1000DM010-2EP102 has problems with LPM,
causing random system freezes. The drive belongs to the same BarraCuda
family as the ST2000DM008-2FR102 which has the same issue.

Published: 2026-05-13

Score: n/a

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Linux

unaffected

Version	Status	Constraints
`7627a0edef548c4c4dea62df51cc26bfe5bbcab8`	affected	< f897b72cc74d24e7106716184f450d4045a6289b
`7627a0edef548c4c4dea62df51cc26bfe5bbcab8`	affected	< 87f0349beaacab2ac60c4a1b6dcff254cef7d5a0
`7627a0edef548c4c4dea62df51cc26bfe5bbcab8`	affected	< a4bfb1947eda615fe0b2fc54beb6bedc03372e34
`7627a0edef548c4c4dea62df51cc26bfe5bbcab8`	affected	< b3b1d3ae1d87bc9398fb715c945968bf4c75a09a

Linux

affected

Version	Status	Constraints
`6.9`	affected	—
`0`	unaffected	< 6.9
`6.12.78`	unaffected	≤ 6.12.*
`6.18.19`	unaffected	≤ 6.18.*
`6.19.9`	unaffected	≤ 6.19.*
`7.0`	unaffected	≤ *

No data.

Vendor Product Confidence Versions

Linux

Linux Kernel

99%

Version	Status	Scheme	Platform
`[7627a0edef548c4c4dea62df51cc26bfe5bbcab8,f897b72cc74d24e7106716184f450d4045a6289b)`	affected	code_commit	—
`[7627a0edef548c4c4dea62df51cc26bfe5bbcab8,87f0349beaacab2ac60c4a1b6dcff254cef7d5a0)`	affected	code_commit	—
`[7627a0edef548c4c4dea62df51cc26bfe5bbcab8,a4bfb1947eda615fe0b2fc54beb6bedc03372e34)`	affected	code_commit	—
`[7627a0edef548c4c4dea62df51cc26bfe5bbcab8,b3b1d3ae1d87bc9398fb715c945968bf4c75a09a)`	affected	code_commit	—

Linux

Linux Kernel

99%

Version	Status	Scheme	Platform
`6.9`	affected	semver	—
`[0,6.9)`	unaffected	generic	—
`[6.12.78,6.13.0.0)`	unaffected	generic	—
`[6.18.19,6.19.0.0)`	unaffected	generic	—
`[6.19.9,6.20.0.0)`	unaffected	generic	—
`[7.0,*]`	unaffected	generic	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00018.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://git.kernel.org/stable/c/87f0349beaacab2ac60c4a1b6dcff254cef7d5a0
https://git.kernel.org/stable/c/a4bfb1947eda615fe0b2fc54beb6bedc03372e34
https://git.kernel.org/stable/c/b3b1d3ae1d87bc9398fb715c945968bf4c75a09a
https://git.kernel.org/stable/c/f897b72cc74d24e7106716184f450d4045a6289b

History

Wed, 13 May 2026 17:15:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-779

Wed, 13 May 2026 15:15:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: ata: libata-core: Disable LPM on ST1000DM010-2EP102 According to a user report, the ST1000DM010-2EP102 has problems with LPM, causing random system freezes. The drive belongs to the same BarraCuda family as the ST2000DM008-2FR102 which has the same issue.
Title		ata: libata-core: Disable LPM on ST1000DM010-2EP102
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/87f0349beaacab2ac60c4a1b6dcff254cef7d5a0 https://git.kernel.org/stable/c/a4bfb1947eda615fe0b2fc54beb6bedc03372e34 https://git.kernel.org/stable/c/b3b1d3ae1d87bc9398fb715c945968bf4c75a09a https://git.kernel.org/stable/c/f897b72cc74d24e7106716184f450d4045a6289b

Subscriptions

Linux Linux Kernel

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-05-13T15:08:32.631Z

Updated: 2026-05-13T15:08:32.631Z

Reserved: 2026-05-01T14:12:56.012Z

Link: CVE-2026-43487

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-05-13T16:16:51.997

Modified: 2026-05-13T16:16:51.997

Link: CVE-2026-43487

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-13T18:15:16Z

Weaknesses

CWE-779

Tracking

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object