CVE-2026-43255

The function usbtxblock() submits cardp->txurb without ensuring that any previous transmission on this URB has completed. If a second call occurs while the URB is still active (e.g. during rapid firmware loading), usbsubmit_urb() detects the active state and triggers a warning: 'URB submitted while active'.

Fix this by enforcing serialization: call usbkillurb() before submitting the new request. This ensures the URB is idle and safe to reuse.

Database specific

{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/43xxx/CVE-2026-43255.json"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

876c9d3aeb989cf1961f2c228d309ba5dcfb1172

Fixed

498525d8358d6d20918787e59736d5b6a021e9fd

Fixed

2902a9b4415a6bafc9b1e5dd360f065d757a0bb7

Fixed

948a39c95d0f8d73722910f8cdb7b6e3e9206232

Fixed

5bfb25495e391a1be0db94b15715174fa06b93a1

Fixed

b82073564373e68c6ae3a96039fae14cd002a496

Fixed

3308c7504e093b22e91a4468470309cee2e26b83

Fixed

fc188b44547dea4e7350833171982a6312befde9

Fixed

d66676e6ca96bf8680f869a9bd6573b26c634622

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-43255.json"

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

2.6.22

Fixed

5.10.252

Type: ECOSYSTEM
Events: Introduced

5.11.0

Fixed

5.15.202

Type: ECOSYSTEM
Events: Introduced

5.16.0

Fixed

6.1.165

Type: ECOSYSTEM
Events: Introduced

6.2.0

Fixed

6.6.128

Type: ECOSYSTEM
Events: Introduced

6.7.0

Fixed

6.12.75

Type: ECOSYSTEM
Events: Introduced

6.13.0

Fixed

6.18.16

Type: ECOSYSTEM
Events: Introduced

6.19.0

Fixed

6.19.6

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-43255.json"