CVE-2026-43429
MEDIUM EPSS 2.4%
Published May 8, 20261mo ago · Modified Jun 17, 20262w ago
5.5 CVSS 3.1
Published May 8, 2026 1mo ago
Last Modified Jun 17, 2026 2w ago
Description
In the Linux kernel, the following vulnerability has been resolved: USB: usbtmc: Use usb_bulk_msg_killable() with user-specified timeouts The usbtmc driver accepts timeout values specified by the user in an ioctl command, and uses these timeouts for some usb_bulk_msg() calls. Since the user can specify arbitrarily long timeouts and usb_bulk_msg() uses unkillable waits, call usb_bulk_msg_killable() instead to avoid the possibility of the user hanging a kernel thread indefinitely.
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High
Threat Intelligence
EPSS Exploit Probability
2.4% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Affected Products 11
| Vendor | Product | Version | Range |
|---|---|---|---|
| linux | linux_kernel | * | ≥4.19 – <5.10.253 |
| linux | linux_kernel | * | ≥5.11 – <5.15.203 |
| linux | linux_kernel | * | ≥5.16 – <6.1.167 |
| linux | linux_kernel | * | ≥6.2 – <6.6.130 |
| linux | linux_kernel | * | ≥6.7 – <6.12.78 |
| linux | linux_kernel | * | ≥6.13 – <6.18.19 |
| linux | linux_kernel | * | ≥6.19 – <6.19.9 |
| linux | linux_kernel | 7.0 | any |
| linux | linux_kernel | 7.0 | any |
| linux | linux_kernel | 7.0 | any |
| linux | linux_kernel | 7.0 | any |
References 8
- git.kernel.org https://git.kernel.org/stable/c/0535f84cb94c9d8bcba0a2a5b3fac81b7d97235d
- git.kernel.org https://git.kernel.org/stable/c/39bd4097292fd8564cf2cfba9356f8ab11e38d12
- git.kernel.org https://git.kernel.org/stable/c/6cb7dc91f057dd8ce44f6caa2995d8e22784ed0a
- git.kernel.org https://git.kernel.org/stable/c/72c0a063489be183cfb99e7050aaef503bdb6449
- git.kernel.org https://git.kernel.org/stable/c/7784caa413a89487dd14dd5c41db8753483b2acb
- git.kernel.org https://git.kernel.org/stable/c/7fa72c369c23c27d1f64883c1e276af950557fb1
- git.kernel.org https://git.kernel.org/stable/c/d4f1c45bdff3f393f9ab7e76795901c442b9eb76
- git.kernel.org https://git.kernel.org/stable/c/e14a0dcdf468c3ad616bb06696c7c64c36e736d8
Remediation
- git.kernel.org https://git.kernel.org/stable/c/0535f84cb94c9d8bcba0a2a5b3fac81b7d97235d
- git.kernel.org https://git.kernel.org/stable/c/39bd4097292fd8564cf2cfba9356f8ab11e38d12
- git.kernel.org https://git.kernel.org/stable/c/6cb7dc91f057dd8ce44f6caa2995d8e22784ed0a
- git.kernel.org https://git.kernel.org/stable/c/72c0a063489be183cfb99e7050aaef503bdb6449
- git.kernel.org https://git.kernel.org/stable/c/7784caa413a89487dd14dd5c41db8753483b2acb
- git.kernel.org https://git.kernel.org/stable/c/7fa72c369c23c27d1f64883c1e276af950557fb1
- git.kernel.org https://git.kernel.org/stable/c/d4f1c45bdff3f393f9ab7e76795901c442b9eb76
- git.kernel.org https://git.kernel.org/stable/c/e14a0dcdf468c3ad616bb06696c7c64c36e736d8