Home

Description

In the Linux kernel, the following vulnerability has been resolved: USB: usbtmc: Use usb_bulk_msg_killable() with user-specified timeouts The usbtmc driver accepts timeout values specified by the user in an ioctl command, and uses these timeouts for some usb_bulk_msg() calls. Since the user can specify arbitrarily long timeouts and usb_bulk_msg() uses unkillable waits, call usb_bulk_msg_killable() instead to avoid the possibility of the user hanging a kernel thread indefinitely.

PUBLISHED Reserved 2026-05-01 | Published 2026-05-08 | Updated 2026-05-08 | Assigner Linux

Product status

Default status
unaffected

048c6d88a0214757926f264823829e79154fcd4f (git) before e14a0dcdf468c3ad616bb06696c7c64c36e736d8
affected

048c6d88a0214757926f264823829e79154fcd4f (git) before 7fa72c369c23c27d1f64883c1e276af950557fb1
affected

048c6d88a0214757926f264823829e79154fcd4f (git) before 72c0a063489be183cfb99e7050aaef503bdb6449
affected

048c6d88a0214757926f264823829e79154fcd4f (git) before 39bd4097292fd8564cf2cfba9356f8ab11e38d12
affected

048c6d88a0214757926f264823829e79154fcd4f (git) before 0535f84cb94c9d8bcba0a2a5b3fac81b7d97235d
affected

048c6d88a0214757926f264823829e79154fcd4f (git) before 6cb7dc91f057dd8ce44f6caa2995d8e22784ed0a
affected

048c6d88a0214757926f264823829e79154fcd4f (git) before d4f1c45bdff3f393f9ab7e76795901c442b9eb76
affected

048c6d88a0214757926f264823829e79154fcd4f (git) before 7784caa413a89487dd14dd5c41db8753483b2acb
affected

Default status
affected

4.19
affected

Any version before 4.19
unaffected

5.10.253 (semver)
unaffected

5.15.203 (semver)
unaffected

6.1.167 (semver)
unaffected

6.6.130 (semver)
unaffected

6.12.78 (semver)
unaffected

6.18.19 (semver)
unaffected

6.19.9 (semver)
unaffected

7.0 (original_commit_for_fix)
unaffected

References

git.kernel.org/...c/e14a0dcdf468c3ad616bb06696c7c64c36e736d8

git.kernel.org/...c/7fa72c369c23c27d1f64883c1e276af950557fb1

git.kernel.org/...c/72c0a063489be183cfb99e7050aaef503bdb6449

git.kernel.org/...c/39bd4097292fd8564cf2cfba9356f8ab11e38d12

git.kernel.org/...c/0535f84cb94c9d8bcba0a2a5b3fac81b7d97235d

git.kernel.org/...c/6cb7dc91f057dd8ce44f6caa2995d8e22784ed0a

git.kernel.org/...c/d4f1c45bdff3f393f9ab7e76795901c442b9eb76

git.kernel.org/...c/7784caa413a89487dd14dd5c41db8753483b2acb

cve.org (CVE-2026-43429)

nvd.nist.gov (CVE-2026-43429)

Download JSON