CVE-2026-43429
- Source
- https://cve.org/CVERecord?id=CVE-2026-43429
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-43429.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2026-43429
- Downstream
- Published
- 2026-05-08T14:22:01.739Z
- Modified
- 2026-05-22T03:55:11.789913775Z
- Summary
- USB: usbtmc: Use usb_bulk_msg_killable() with user-specified timeouts
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
USB: usbtmc: Use usbbulkmsg_killable() with user-specified timeouts
The usbtmc driver accepts timeout values specified by the user in an ioctl command, and uses these timeouts for some usbbulkmsg() calls. Since the user can specify arbitrarily long timeouts and usbbulkmsg() uses unkillable waits, call usbbulkmsg_killable() instead to avoid the possibility of the user hanging a kernel thread indefinitely.
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/43xxx/CVE-2026-43429.json" }- References
-
- https://git.kernel.org/stable/c/0535f84cb94c9d8bcba0a2a5b3fac81b7d97235d
- https://git.kernel.org/stable/c/39bd4097292fd8564cf2cfba9356f8ab11e38d12
- https://git.kernel.org/stable/c/6cb7dc91f057dd8ce44f6caa2995d8e22784ed0a
- https://git.kernel.org/stable/c/72c0a063489be183cfb99e7050aaef503bdb6449
- https://git.kernel.org/stable/c/7784caa413a89487dd14dd5c41db8753483b2acb
- https://git.kernel.org/stable/c/7fa72c369c23c27d1f64883c1e276af950557fb1
- https://git.kernel.org/stable/c/d4f1c45bdff3f393f9ab7e76795901c442b9eb76
- https://git.kernel.org/stable/c/e14a0dcdf468c3ad616bb06696c7c64c36e736d8
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/43xxx/CVE-2026-43429.json
- https://nvd.nist.gov/vuln/detail/CVE-2026-43429
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced048c6d88a0214757926f264823829e79154fcd4fFixede14a0dcdf468c3ad616bb06696c7c64c36e736d8Fixed7fa72c369c23c27d1f64883c1e276af950557fb1Fixed72c0a063489be183cfb99e7050aaef503bdb6449Fixed39bd4097292fd8564cf2cfba9356f8ab11e38d12Fixed0535f84cb94c9d8bcba0a2a5b3fac81b7d97235dFixed6cb7dc91f057dd8ce44f6caa2995d8e22784ed0aFixedd4f1c45bdff3f393f9ab7e76795901c442b9eb76Fixed7784caa413a89487dd14dd5c41db8753483b2acb
Linux / Kernel
Package
- Name
- Kernel
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced4.19.0Fixed5.10.253
- Type
- ECOSYSTEM
- Events
-
Introduced5.11.0Fixed5.15.203
- Type
- ECOSYSTEM
- Events
-
Introduced5.16.0Fixed6.1.167
- Type
- ECOSYSTEM
- Events
-
Introduced6.2.0Fixed6.6.130
- Type
- ECOSYSTEM
- Events
-
Introduced6.7.0Fixed6.12.78
- Type
- ECOSYSTEM
- Events
-
Introduced6.13.0Fixed6.18.19
- Type
- ECOSYSTEM
- Events
-
Introduced6.19.0Fixed6.19.9