In the Linux kernel, the following vulnerability has been resolved:
usb: gadget: f_ncm: Fix atomic context locking issue
The ncmsetalt function was holding a mutex to protect against races with configfs, which invokes the might-sleep function inside an atomic context.
Remove the struct netdevice pointer from the fncmopts structure to eliminate the contention. The connection state is now managed by a new boolean flag to preserve the use-after-free fix from commit 6334b8e4553c ("usb: gadget: fncm: Fix UAF ncm object at re-bind after usb ep transport error").
BUG: sleeping function called from invalid context Call Trace: dumpstacklvl+0x83/0xc0 dump_stack+0x14/0x16 __might_resched+0x389/0x4c0 __might_sleep+0x8e/0x100 ... _mutexlock+0x6f/0x1740 ... ncmsetalt+0x209/0xa40 setconfig+0x6b6/0xb40 compositesetup+0x734/0x2b40 ...
{
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/43xxx/CVE-2026-43423.json",
"cna_assigner": "Linux"
}