-

CVE-2026-43426

EPSS 0.03%
Veröffentlicht 08.05.2026 14:21:59
Zuletzt bearbeitet 12.05.2026 14:10:27
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

usb: renesas_usbhs: fix use-after-free in ISR during device removal

In the Linux kernel, the following vulnerability has been resolved:

usb: renesas_usbhs: fix use-after-free in ISR during device removal

In usbhs_remove(), the driver frees resources (including the pipe array)
while the interrupt handler (usbhs_interrupt) is still registered. If an
interrupt fires after usbhs_pipe_remove() but before the driver is fully
unbound, the ISR may access freed memory, causing a use-after-free.

Fix this by calling devm_free_irq() before freeing resources. This ensures
the interrupt handler is both disabled and synchronized (waits for any
running ISR to complete) before usbhs_pipe_remove() is called.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 11

CNA 2 VulnDex Vulnerability Enrichment 14

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version f1407d5c66240b33d11a7f1a41d55ccf6a9d7647

Version < c7012fc73dab4829404fedeeaa8531f12ac8545f

Status affected

Version f1407d5c66240b33d11a7f1a41d55ccf6a9d7647

Version < 51afaf919bbaacdd9cc9e146033ae0a743a42dd7

Status affected

Version f1407d5c66240b33d11a7f1a41d55ccf6a9d7647

Version < 1899edac312ef17a7234851686e8a703f56d0a84

Status affected

Version f1407d5c66240b33d11a7f1a41d55ccf6a9d7647

Version < 9c6159d5b72d5fc265cce5da04f27d730b552e69

Status affected

Version f1407d5c66240b33d11a7f1a41d55ccf6a9d7647

Version < 6287e0c01ccb818e7214f88d885ffb7c9e81b0e0

Status affected

Version f1407d5c66240b33d11a7f1a41d55ccf6a9d7647

Version < 0b7d11fd6e742ecc0b1eca44b4f0b93140c74bae

Status affected

Version f1407d5c66240b33d11a7f1a41d55ccf6a9d7647

Version < 6ffe44f022c95b1b29c691d2169c5abc046f7580

Status affected

Version f1407d5c66240b33d11a7f1a41d55ccf6a9d7647

Version < 3cbc242b88c607f55da3d0d0d336b49bf1e20412

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 3.0

Status affected

Version 0

Version < 3.0

Status unaffected

Version <= 5.10.*

Version 5.10.253

Status unaffected

Version <= 5.15.*

Version 5.15.203

Status unaffected

Version <= 6.1.*

Version 6.1.167

Status unaffected

Version <= 6.6.*

Version 6.6.130

Status unaffected

Version <= 6.12.*

Version 6.12.78

Status unaffected

Version <= 6.18.*

Version 6.18.19

Status unaffected

Version <= 6.19.*

Version 6.19.9

Status unaffected

Version <= *

Version 7.0

Status unaffected

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.094

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/c7012fc73dab4829404fedeeaa8531f12ac8545f

https://git.kernel.org/stable/c/51afaf919bbaacdd9cc9e146033ae0a743a42dd7

https://git.kernel.org/stable/c/1899edac312ef17a7234851686e8a703f56d0a84

https://git.kernel.org/stable/c/9c6159d5b72d5fc265cce5da04f27d730b552e69

https://git.kernel.org/stable/c/6287e0c01ccb818e7214f88d885ffb7c9e81b0e0

https://git.kernel.org/stable/c/0b7d11fd6e742ecc0b1eca44b4f0b93140c74bae

https://git.kernel.org/stable/c/6ffe44f022c95b1b29c691d2169c5abc046f7580

https://git.kernel.org/stable/c/3cbc242b88c607f55da3d0d0d336b49bf1e20412

https://nvd.nist.gov/vuln/detail/CVE-2026-43426

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-43426

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-43426

EUVD