Home

Description

In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix URB leak in pvr2_send_request_ex When pvr2_send_request_ex() submits a write URB successfully but fails to submit the read URB (e.g. returns -ENOMEM), it returns immediately without waiting for the write URB to complete. Since the driver reuses the same URB structure, a subsequent call to pvr2_send_request_ex() attempts to submit the still-active write URB, triggering a 'URB submitted while active' warning in usb_submit_urb(). Fix this by ensuring the write URB is unlinked and waited upon if the read URB submission fails.

PUBLISHED Reserved 2026-05-01 | Published 2026-05-06 | Updated 2026-05-07 | Assigner Linux

Product status

Default status
unaffected

d855497edbfbf9e19a17f4a1154bca69cb4bd9ba (git) before da524c939b1e5ba17f10db4bde4bdaf569ffcda6
affected

d855497edbfbf9e19a17f4a1154bca69cb4bd9ba (git) before cf459d6ffa5e150ef3744b897f936ff24b52bd15
affected

d855497edbfbf9e19a17f4a1154bca69cb4bd9ba (git) before 77a63f8efc434ddb04667ed632aade58301a2f13
affected

d855497edbfbf9e19a17f4a1154bca69cb4bd9ba (git) before 4ba5c7a1aade7090172cbffd4d120bf4cf5ccbde
affected

d855497edbfbf9e19a17f4a1154bca69cb4bd9ba (git) before 58dd722b6c3debcddb4684fb256c90fee7f063e5
affected

d855497edbfbf9e19a17f4a1154bca69cb4bd9ba (git) before 2011929f0e4cf6a0a34dd6205911b12276904453
affected

d855497edbfbf9e19a17f4a1154bca69cb4bd9ba (git) before 5f3ac816861c3b8a5d1a3645b17dc3a99d668d94
affected

d855497edbfbf9e19a17f4a1154bca69cb4bd9ba (git) before a8333c8262aed2aedf608c18edd39cf5342680a7
affected

Default status
affected

2.6.18
affected

Any version before 2.6.18
unaffected

5.10.252 (semver)
unaffected

5.15.202 (semver)
unaffected

6.1.165 (semver)
unaffected

6.6.128 (semver)
unaffected

6.12.75 (semver)
unaffected

6.18.16 (semver)
unaffected

6.19.6 (semver)
unaffected

7.0 (original_commit_for_fix)
unaffected

References

git.kernel.org/...c/da524c939b1e5ba17f10db4bde4bdaf569ffcda6

git.kernel.org/...c/cf459d6ffa5e150ef3744b897f936ff24b52bd15

git.kernel.org/...c/77a63f8efc434ddb04667ed632aade58301a2f13

git.kernel.org/...c/4ba5c7a1aade7090172cbffd4d120bf4cf5ccbde

git.kernel.org/...c/58dd722b6c3debcddb4684fb256c90fee7f063e5

git.kernel.org/...c/2011929f0e4cf6a0a34dd6205911b12276904453

git.kernel.org/...c/5f3ac816861c3b8a5d1a3645b17dc3a99d668d94

git.kernel.org/...c/a8333c8262aed2aedf608c18edd39cf5342680a7

cve.org (CVE-2026-43223)

nvd.nist.gov (CVE-2026-43223)

Download JSON