CVE-2026-43427

Severity HIGH · CVSS 3.1 7.1 · EPSS 3.2%
Published May 8, 2026
Last Modified Jun 17, 2026

Description

In the Linux kernel, the following vulnerability has been resolved:

usb: class: cdc-wdm: fix reordering issue in read code path

Quoting the bug report:

Due to compiler optimization or CPU out-of-order execution, the desc->length update can be reordered before the memmove. If this happens, wdm_read() can see the new length and call copy_to_user() on uninitialized memory. This also violates LKMM data race rules [1].

Fix it by using WRITE_ONCE and memory barriers.
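The ordering rule the description relies on, shown as an added userspace analogue (not the kernel patch or driver code): the writer copies the bytes first and only then publishes the length, and the reader loads the length before touching the buffer. `struct desc`, `desc_append()` and `desc_peek()` are hypothetical names, and C11 release/acquire atomics stand in for the kernel's WRITE_ONCE plus memory barriers.

```c
#include <stdatomic.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define BUF_SZ 64

/* Hypothetical stand-in for the driver descriptor: data plus valid length. */
struct desc {
    unsigned char ubuf[BUF_SZ];
    _Atomic size_t length;      /* bytes of ubuf the reader may touch */
};

void desc_init(struct desc *d)
{
    memset(d->ubuf, 0, BUF_SZ);
    atomic_init(&d->length, 0);
}

/* Writer side: copy the data, then publish the new length. */
int desc_append(struct desc *d, const void *src, size_t n)
{
    size_t len = atomic_load_explicit(&d->length, memory_order_relaxed);
    if (n > BUF_SZ - len)
        return -1;              /* no room: reject instead of overflowing */
    memmove(d->ubuf + len, src, n);
    /* Release store: the memmove above cannot be reordered after it. */
    atomic_store_explicit(&d->length, len + n, memory_order_release);
    return 0;
}

/* Reader side: load the length, then copy at most that many bytes.
 * Consuming (shifting the buffer) is left out to keep a single writer. */
size_t desc_peek(struct desc *d, void *dst, size_t max)
{
    /* Acquire load pairs with the release store in desc_append(). */
    size_t len = atomic_load_explicit(&d->length, memory_order_acquire);
    size_t n = len < max ? len : max;
    memcpy(dst, d->ubuf, n);
    return n;
}

int main(void)
{
    struct desc d;
    unsigned char out[BUF_SZ];
    desc_init(&d);
    desc_append(&d, "abcd", 4);  /* constructed sample payload */
    printf("reader sees %zu bytes\n", desc_peek(&d, out, sizeof out));
    return 0;
}
```

With a plain store to `length` instead of the release store, the compiler or CPU may make the new length visible before the copied bytes, which is the window the bug report describes.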

CVSS Details

Base Score 7.1
Exploitability 1.8
Impact 5.2
Vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
3.2% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-125 Out-of-bounds Read Memory Safety

Affected Products 21

Vendor  Product       Version  Range
linux   linux_kernel  *        ≥2.6.26.1 – <5.10.253
linux   linux_kernel  *        ≥5.11 – <5.15.203
linux   linux_kernel  *        ≥5.16 – <6.1.167
linux   linux_kernel  *        ≥6.2 – <6.6.130
linux   linux_kernel  *        ≥6.7 – <6.12.78
linux   linux_kernel  *        ≥6.13 – <6.18.19
linux   linux_kernel  *        ≥6.19 – <6.19.9
linux   linux_kernel  2.6.26   any
linux   linux_kernel  2.6.26   any
linux   linux_kernel  2.6.26   any
linux   linux_kernel  2.6.26   any
linux   linux_kernel  2.6.26   any
linux   linux_kernel  2.6.26   any
linux   linux_kernel  2.6.26   any
linux   linux_kernel  7.0      any
linux   linux_kernel  7.0      any
linux   linux_kernel  7.0      any
linux   linux_kernel  7.0      any
linux   linux_kernel  7.0      any
linux   linux_kernel  7.0      any
linux   linux_kernel  7.0      any

References 8

  • git.kernel.org https://git.kernel.org/stable/c/170e8daca24da6edb4be82ab01abf44e87af387b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/276aef0fd2b92f41b920ac891c72cadeee957934
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/4ee3062bf2c9a722afef429826e8607eaf3fc6a0
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/638328ca9c17ae6511ad62198c57bae32ffa3c91
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/67ed312124bb1b61858778ac0b985b48961c862a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/8df672bfe3ec2268c2636584202755898e547173
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c8fa96ed021923dae147bcd9f9205b8df7b82360
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e3c874b05901dc519054b5107d16620e6d2b5fea
    Patch

Remediation

  • The eight git.kernel.org stable patches listed under References above.