CVE-2026-43423

Source
https://cve.org/CVERecord?id=CVE-2026-43423
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-43423.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-43423
Downstream
Published
2026-05-08T14:21:57.683Z
Modified
2026-07-08T08:10:13.510939919Z
Summary
usb: gadget: f_ncm: Fix atomic context locking issue
Details

In the Linux kernel, the following vulnerability has been resolved:

usb: gadget: f_ncm: Fix atomic context locking issue

The ncmsetalt function was holding a mutex to protect against races with configfs, which invokes the might-sleep function inside an atomic context.

Remove the struct netdevice pointer from the fncmopts structure to eliminate the contention. The connection state is now managed by a new boolean flag to preserve the use-after-free fix from commit 6334b8e4553c ("usb: gadget: fncm: Fix UAF ncm object at re-bind after usb ep transport error").

BUG: sleeping function called from invalid context Call Trace: dumpstacklvl+0x83/0xc0 dump_stack+0x14/0x16 __might_resched+0x389/0x4c0 __might_sleep+0x8e/0x100 ... _mutexlock+0x6f/0x1740 ... ncmsetalt+0x209/0xa40 setconfig+0x6b6/0xb40 compositesetup+0x734/0x2b40 ...

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/43xxx/CVE-2026-43423.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
b62076e780a2121903ecf9ffdfb89c64647cb7da
Fixed
e533a44fb1b337d14f772585b67328bee2e0b5e3
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
188338c1827842f898761a939669cf345bdf07e2
Fixed
e95120b4b95ef1c16d8e94e201ae89f5e59e2612
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
56a512a9b4107079f68701e7d55da8507eb963d9
Fixed
0d6c8144ca4d93253de952a5ea0028c19ed7ab68

Affected versions

v6.*
v6.18.17
v6.18.18
v6.19.7
v6.19.8

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-43423.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.18.17
Fixed
6.18.19
Type
ECOSYSTEM
Events
Introduced
6.19.7
Fixed
6.19.9

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-43423.json"