7.8

CVE-2026-43180

EPSS 0.01%
Veröffentlicht 06.05.2026 11:27:52
Zuletzt bearbeitet 12.05.2026 19:36:09
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

net: usb: kaweth: remove TX queue manipulation in kaweth_set_rx_mode

In the Linux kernel, the following vulnerability has been resolved:

net: usb: kaweth: remove TX queue manipulation in kaweth_set_rx_mode

kaweth_set_rx_mode(), the ndo_set_rx_mode callback, calls
netif_stop_queue() and netif_wake_queue(). These are TX queue flow
control functions unrelated to RX multicast configuration.

The premature netif_wake_queue() can re-enable TX while tx_urb is still
in-flight, leading to a double usb_submit_urb() on the same URB:

kaweth_start_xmit() {
    netif_stop_queue();
    usb_submit_urb(kaweth->tx_urb);
}

kaweth_set_rx_mode() {
    netif_stop_queue();
    netif_wake_queue();             // wakes TX queue before URB is done
}

kaweth_start_xmit() {
    netif_stop_queue();
    usb_submit_urb(kaweth->tx_urb); // URB submitted while active
}

This triggers the WARN in usb_submit_urb():

  "URB submitted while active"

This is a similar class of bug fixed in rtl8150 by

- commit 958baf5eaee3 ("net: usb: Remove disruptive netif_wake_queue in rtl8150_set_multicast").

Also kaweth_set_rx_mode() is already functionally broken, the
real set_rx_mode action is performed by kaweth_async_set_rx_mode(),
which in turn is not a no-op only at ndo_open() time.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 11

NVD 14 VulnDex Vulnerability Enrichment 13

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 2.6.12.1 < 5.10.252

Linux ≫ Linux Kernel Version >= 5.11 < 5.15.202

Linux ≫ Linux Kernel Version >= 5.16 < 6.1.165

Linux ≫ Linux Kernel Version >= 6.2 < 6.6.128

Linux ≫ Linux Kernel Version >= 6.7 < 6.12.75

Linux ≫ Linux Kernel Version >= 6.13 < 6.18.16

Linux ≫ Linux Kernel Version >= 6.19 < 6.19.6

Linux ≫ Linux Kernel Version2.6.12 Update-

Linux ≫ Linux Kernel Version2.6.12 Updaterc2

Linux ≫ Linux Kernel Version2.6.12 Updaterc3

Linux ≫ Linux Kernel Version2.6.12 Updaterc4

Linux ≫ Linux Kernel Version2.6.12 Updaterc5

Linux ≫ Linux Kernel Version2.6.12 Updaterc6

Linux ≫ Linux Kernel Version7.0 Updaterc1

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.01%	0.025

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
416baaa9-dc9f-4396-8d5f-8c081fb06d67	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/443a830b1dc4f85c7560da59d4494b629feee215

Patch

https://git.kernel.org/stable/c/586318c2730433184c6f1d21183e346ddf25e81d

Patch

https://git.kernel.org/stable/c/a2cd4b4db315a845a5603d08c9d03b11ddfc799d

Patch

https://git.kernel.org/stable/c/ef9b10a020503888eb6c8ed85a3d901a624ede4c

Patch

https://git.kernel.org/stable/c/9c79b839a63980c7da7ec5db895198045e154112

Patch

https://git.kernel.org/stable/c/fc393af769af845d9985e2845e49553d8f015a64

Patch

https://git.kernel.org/stable/c/8367c0e90126426e60581e4c07e1ec4411a0f843

Patch

https://git.kernel.org/stable/c/64868f5ecadeb359a49bc4485bfa7c497047f13a

Patch

https://nvd.nist.gov/vuln/detail/CVE-2026-43180

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-43180

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-43180

EUVD