CVE-2026-43223

MEDIUM EPSS 2.8%
Published May 6, 20261mo ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published May 6, 2026 1mo ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix URB leak in pvr2_send_request_ex When pvr2_send_request_ex() submits a write URB successfully but fails to submit the read URB (e.g. returns -ENOMEM), it returns immediately without waiting for the write URB to complete. Since the driver reuses the same URB structure, a subsequent call to pvr2_send_request_ex() attempts to submit the still-active write URB, triggering a 'URB submitted while active' warning in usb_submit_urb(). Fix this by ensuring the write URB is unlinked and waited upon if the read URB submission fails.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
2.8% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-401

Affected Products 7

VendorProductVersionRange
linuxlinux_kernel*≥2.6.18  –  <5.10.252
linuxlinux_kernel*≥5.11  –  <5.15.202
linuxlinux_kernel*≥5.16  –  <6.1.165
linuxlinux_kernel*≥6.2  –  <6.6.128
linuxlinux_kernel*≥6.7  –  <6.12.75
linuxlinux_kernel*≥6.13  –  <6.18.16
linuxlinux_kernel*≥6.19  –  <6.19.6

References 8

  • git.kernel.org https://git.kernel.org/stable/c/2011929f0e4cf6a0a34dd6205911b12276904453
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/4ba5c7a1aade7090172cbffd4d120bf4cf5ccbde
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/58dd722b6c3debcddb4684fb256c90fee7f063e5
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/5f3ac816861c3b8a5d1a3645b17dc3a99d668d94
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/77a63f8efc434ddb04667ed632aade58301a2f13
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a8333c8262aed2aedf608c18edd39cf5342680a7
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/cf459d6ffa5e150ef3744b897f936ff24b52bd15
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/da524c939b1e5ba17f10db4bde4bdaf569ffcda6
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/2011929f0e4cf6a0a34dd6205911b12276904453
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/4ba5c7a1aade7090172cbffd4d120bf4cf5ccbde
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/58dd722b6c3debcddb4684fb256c90fee7f063e5
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/5f3ac816861c3b8a5d1a3645b17dc3a99d668d94
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/77a63f8efc434ddb04667ed632aade58301a2f13
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a8333c8262aed2aedf608c18edd39cf5342680a7
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/cf459d6ffa5e150ef3744b897f936ff24b52bd15
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/da524c939b1e5ba17f10db4bde4bdaf569ffcda6
    Patch