5.5
CVE-2026-43223
- EPSS 0.13%
- Veröffentlicht 06.05.2026 11:28:22
- Zuletzt bearbeitet 08.05.2026 21:14:54
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
media: pvrusb2: fix URB leak in pvr2_send_request_ex
In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix URB leak in pvr2_send_request_ex When pvr2_send_request_ex() submits a write URB successfully but fails to submit the read URB (e.g. returns -ENOMEM), it returns immediately without waiting for the write URB to complete. Since the driver reuses the same URB structure, a subsequent call to pvr2_send_request_ex() attempts to submit the still-active write URB, triggering a 'URB submitted while active' warning in usb_submit_urb(). Fix this by ensuring the write URB is unlinked and waited upon if the read URB submission fails.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 2.6.18 < 5.10.252
Linux ≫ Linux Kernel Version >= 5.11 < 5.15.202
Linux ≫ Linux Kernel Version >= 5.16 < 6.1.165
Linux ≫ Linux Kernel Version >= 6.2 < 6.6.128
Linux ≫ Linux Kernel Version >= 6.7 < 6.12.75
Linux ≫ Linux Kernel Version >= 6.13 < 6.18.16
Linux ≫ Linux Kernel Version >= 6.19 < 6.19.6
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.13% | 0.028 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-401 Missing Release of Memory after Effective Lifetime
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
https://git.kernel.org/stable/c/da524c939b1e5ba17f10db4bde4bdaf569ffcda6
https://git.kernel.org/stable/c/cf459d6ffa5e150ef3744b897f936ff24b52bd15
https://git.kernel.org/stable/c/77a63f8efc434ddb04667ed632aade58301a2f13
https://git.kernel.org/stable/c/4ba5c7a1aade7090172cbffd4d120bf4cf5ccbde
https://git.kernel.org/stable/c/58dd722b6c3debcddb4684fb256c90fee7f063e5
https://git.kernel.org/stable/c/2011929f0e4cf6a0a34dd6205911b12276904453
https://git.kernel.org/stable/c/5f3ac816861c3b8a5d1a3645b17dc3a99d668d94
https://git.kernel.org/stable/c/a8333c8262aed2aedf608c18edd39cf5342680a7