SB20260507167 - Race condition in Linux kernel net usb driver
Published: May 7, 2026
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 vulnerability.
1) Race condition (CVE-ID: CVE-2026-43180)
CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to double submission of an active URB in kaweth_set_rx_mode when handling rx mode changes during transmission. A local user can trigger network interface state changes to cause a denial of service.
The issue is caused by premature transmission queue wake-up while tx_urb is still in flight, which triggers the warning "URB submitted while active".
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/443a830b1dc4f85c7560da59d4494b629feee215
- https://git.kernel.org/stable/c/586318c2730433184c6f1d21183e346ddf25e81d
- https://git.kernel.org/stable/c/64868f5ecadeb359a49bc4485bfa7c497047f13a
- https://git.kernel.org/stable/c/8367c0e90126426e60581e4c07e1ec4411a0f843
- https://git.kernel.org/stable/c/9c79b839a63980c7da7ec5db895198045e154112
- https://git.kernel.org/stable/c/a2cd4b4db315a845a5603d08c9d03b11ddfc799d
- https://git.kernel.org/stable/c/ef9b10a020503888eb6c8ed85a3d901a624ede4c
- https://git.kernel.org/stable/c/fc393af769af845d9985e2845e49553d8f015a64