-
CVE-2026-43423
- EPSS 0.02%
- Veröffentlicht 08.05.2026 14:21:57
- Zuletzt bearbeitet 12.05.2026 14:10:27
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
usb: gadget: f_ncm: Fix atomic context locking issue
In the Linux kernel, the following vulnerability has been resolved:
usb: gadget: f_ncm: Fix atomic context locking issue
The ncm_set_alt function was holding a mutex to protect against races
with configfs, which invokes the might-sleep function inside an atomic
context.
Remove the struct net_device pointer from the f_ncm_opts structure to
eliminate the contention. The connection state is now managed by a new
boolean flag to preserve the use-after-free fix from
commit 6334b8e4553c ("usb: gadget: f_ncm: Fix UAF ncm object at re-bind
after usb ep transport error").
BUG: sleeping function called from invalid context
Call Trace:
dump_stack_lvl+0x83/0xc0
dump_stack+0x14/0x16
__might_resched+0x389/0x4c0
__might_sleep+0x8e/0x100
...
__mutex_lock+0x6f/0x1740
...
ncm_set_alt+0x209/0xa40
set_config+0x6b6/0xb40
composite_setup+0x734/0x2b40
...Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerLinux
≫
Produkt
Linux
Default Statusunaffected
Version
b62076e780a2121903ecf9ffdfb89c64647cb7da
Version <
e533a44fb1b337d14f772585b67328bee2e0b5e3
Status
affected
Version
188338c1827842f898761a939669cf345bdf07e2
Version <
e95120b4b95ef1c16d8e94e201ae89f5e59e2612
Status
affected
Version
56a512a9b4107079f68701e7d55da8507eb963d9
Version <
0d6c8144ca4d93253de952a5ea0028c19ed7ab68
Status
affected
HerstellerLinux
≫
Produkt
Linux
Default Statusunaffected
Version
6.18.17
Version <
6.18.19
Status
affected
Version
6.19.7
Version <
6.19.9
Status
affected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.02% | 0.063 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|