DEBIAN-CVE-2026-43482

See a problem?
Please try reporting it to the source first.

Source

https://security-tracker.debian.org/tracker/CVE-2026-43482

Import Source

https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2026-43482.json

JSON Data

https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2026-43482

Upstream

CVE-2026-43482

Published

2026-05-13T16:16:51.390Z

Modified

2026-05-14T08:48:15.754843384Z

Summary

[none]

Details

In the Linux kernel, the following vulnerability has been resolved: schedext: Disable preemption between scxclaimexit() and kicking helper work scxclaimexit() atomically sets exitkind, which prevents scxerror() from triggering further error handling. After claiming exit, the caller must kick the helper kthread work which initiates bypass mode and teardown. If the calling task gets preempted between claiming exit and kicking the helper work, and the BPF scheduler fails to schedule it back (since error handling is now disabled), the helper work is never queued, bypass mode never activates, tasks stop being dispatched, and the system wedges. Disable preemption across scxclaimexit() and the subsequent work kicking in all callers - scxdisable() and scxvexit(). Add lockdepassertpreemptiondisabled() to scxclaimexit() to enforce the requirement.

References

https://security-tracker.debian.org/tracker/CVE-2026-43482

Affected packages

Debian:13 / linux

Package

Name: linux
Purl: pkg:deb/debian/linux?arch=source&distro=trixie

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.12.85-1

Affected versions

6.*

6.12.38-1

6.12.41-1

6.12.43-1~bpo12+1

6.12.43-1

6.12.48-1

6.12.57-1~bpo12+1

6.12.57-1

6.12.63-1~bpo12+1

6.12.63-1

6.12.69-1~bpo12+1

6.12.69-1

6.12.73-1~bpo12+1

6.12.73-1

6.12.74-1

6.12.74-2~bpo12+1

6.12.74-2

6.12.85-1~bpo12+1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2026-43482.json"

Debian:14 / linux

Package

Name: linux
Purl: pkg:deb/debian/linux?arch=source&distro=forky

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.19.10-1

Affected versions

6.*

6.12.38-1

6.12.41-1

6.12.43-1~bpo12+1

6.12.43-1

6.12.48-1

6.12.57-1~bpo12+1

6.12.57-1

6.12.63-1~bpo12+1

6.12.63-1

6.12.69-1~bpo12+1

6.12.69-1

6.12.73-1~bpo12+1

6.12.73-1

6.12.74-1

6.12.74-2~bpo12+1

6.12.74-2

6.12.85-1~bpo12+1

6.12.85-1

6.12.86-1~bpo12+1

6.12.86-1

6.13~rc6-1~exp1

6.13~rc7-1~exp1

6.13.2-1~exp1

6.13.3-1~exp1

6.13.4-1~exp1

6.13.5-1~exp1

6.13.6-1~exp1

6.13.7-1~exp1

6.13.8-1~exp1

6.13.9-1~exp1

6.13.10-1~exp1

6.13.11-1~exp1

6.14.3-1~exp1

6.14.5-1~exp1

6.14.6-1~exp1

6.15~rc7-1~exp1

6.15-1~exp1

6.15.1-1~exp1

6.15.2-1~exp1

6.15.3-1~exp1

6.15.4-1~exp1

6.15.5-1~exp1

6.15.6-1~exp1

6.16~rc7-1~exp1

6.16-1~exp1

6.16.1-1~exp1

6.16.3-1~bpo13+1

6.16.3-1

6.16.5-1

6.16.6-1

6.16.7-1

6.16.8-1

6.16.9-1

6.16.10-1

6.16.11-1

6.16.12-1~bpo13+1

6.16.12-1

6.16.12-2

6.17.2-1~exp1

6.17.5-1~exp1

6.17.6-1

6.17.7-1

6.17.7-2

6.17.8-1~bpo13+1

6.17.8-1

6.17.9-1

6.17.10-1

6.17.11-1

6.17.12-1

6.17.13-1~bpo13+1

6.17.13-1

6.18~rc4-1~exp1

6.18~rc4-1~exp2

6.18~rc5-1~exp1

6.18~rc6-1~exp1

6.18~rc7-1~exp1

6.18.1-1~exp1

6.18.2-1~exp1

6.18.3-1

6.18.5-1~bpo13+1

6.18.5-1

6.18.8-1

6.18.9-1~bpo13+1

6.18.9-1

6.18.10-1

6.18.12-1~bpo13+1

6.18.12-1

6.18.13-1

6.18.14-1

6.18.15-1~bpo13+1

6.18.15-1

6.19~rc4-1~exp1

6.19~rc5-1~exp1

6.19~rc6-1~exp1

6.19~rc7-1~exp1

6.19~rc8-1~exp1

6.19-1~exp1

6.19.2-1~exp1

6.19.3-1~exp1

6.19.4-1~exp1

6.19.5-1~exp1

6.19.6-1

6.19.6-2~bpo13+1

6.19.6-2

6.19.8-1~bpo13+1

6.19.8-1

6.19.10-1~bpo13+1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2026-43482.json"