CVE-2026-43353

HIGH EPSS 1.0%
Published May 8, 20261mo ago · Modified Jun 17, 20261w ago
7.8 CVSS 3.1
High
Find Similar
Published May 8, 2026 1mo ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: i3c: mipi-i3c-hci: Fix race in DMA ring dequeue The HCI DMA dequeue path (hci_dma_dequeue_xfer()) may be invoked for multiple transfers that timeout around the same time. However, the function is not serialized and can race with itself. When a timeout occurs, hci_dma_dequeue_xfer() stops the ring, processes incomplete transfers, and then restarts the ring. If another timeout triggers a parallel call into the same function, the two instances may interfere with each other - stopping or restarting the ring at unexpected times. Add a mutex so that hci_dma_dequeue_xfer() is serialized with respect to itself.

CVSS Details

Base Score
7.8
Exploitability
1.8
Impact
5.9
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High

Threat Intelligence

EPSS Exploit Probability
1.0% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-362

Affected Products 5

VendorProductVersionRange
linuxlinux_kernel*≥5.11  –  <6.18.19
linuxlinux_kernel*≥6.19  –  <6.19.9
linuxlinux_kernel7.0any
linuxlinux_kernel7.0any
linuxlinux_kernel7.0any

References 3

  • git.kernel.org https://git.kernel.org/stable/c/1dca8aee80eea76d2aae21265de5dd64f6ba0f09
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/4faa1e9c67a2229f6749190aedaf88ce0391efd2
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b684b420a5bb0ea1b0e13abfdb8ce41c5266e62e
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/1dca8aee80eea76d2aae21265de5dd64f6ba0f09
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/4faa1e9c67a2229f6749190aedaf88ce0391efd2
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b684b420a5bb0ea1b0e13abfdb8ce41c5266e62e
    Patch