5.5

CVE-2026-43223

media: pvrusb2: fix URB leak in pvr2_send_request_ex

In the Linux kernel, the following vulnerability has been resolved:

media: pvrusb2: fix URB leak in pvr2_send_request_ex

When pvr2_send_request_ex() submits a write URB successfully but fails to
submit the read URB (e.g. returns -ENOMEM), it returns immediately without
waiting for the write URB to complete. Since the driver reuses the same
URB structure, a subsequent call to pvr2_send_request_ex() attempts to
submit the still-active write URB, triggering a 'URB submitted while
active' warning in usb_submit_urb().

Fix this by ensuring the write URB is unlinked and waited upon if the read
URB submission fails.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 2.6.18 < 5.10.252
LinuxLinux Kernel Version >= 5.11 < 5.15.202
LinuxLinux Kernel Version >= 5.16 < 6.1.165
LinuxLinux Kernel Version >= 6.2 < 6.6.128
LinuxLinux Kernel Version >= 6.7 < 6.12.75
LinuxLinux Kernel Version >= 6.13 < 6.18.16
LinuxLinux Kernel Version >= 6.19 < 6.19.6
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.13% 0.028
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/da524c939b1e5ba17f10db4bde4bdaf569ffcda6
Patch
https://git.kernel.org/stable/c/cf459d6ffa5e150ef3744b897f936ff24b52bd15
Patch
https://git.kernel.org/stable/c/77a63f8efc434ddb04667ed632aade58301a2f13
Patch
https://git.kernel.org/stable/c/4ba5c7a1aade7090172cbffd4d120bf4cf5ccbde
Patch
https://git.kernel.org/stable/c/58dd722b6c3debcddb4684fb256c90fee7f063e5
Patch
https://git.kernel.org/stable/c/2011929f0e4cf6a0a34dd6205911b12276904453
Patch
https://git.kernel.org/stable/c/5f3ac816861c3b8a5d1a3645b17dc3a99d668d94
Patch
https://git.kernel.org/stable/c/a8333c8262aed2aedf608c18edd39cf5342680a7
Patch