Description
In the Linux kernel, the following vulnerability has been resolved:

usb: yurex: fix race in probe

The bbu member of the descriptor must be set to the value
standing for uninitialized values before the URB whose
completion handler sets bbu is submitted. Otherwise there is
a window during which probing can overwrite already retrieved
data.
Published: 2026-05-08
Score: n/a
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The Linux kernel contains a race condition in the USB Yurex driver. If the bbu member of the descriptor is not pre‑initialized to a sentinel value before the URB is submitted, the probe routine can overwrite data that has already been retrieved. This flaw, which falls under CWE-367, can corrupt device descriptor structures in kernel memory, potentially causing kernel instability or a denial of service.
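The ordering problem described above, as an added user-space model (not code from the kernel or from the yurex driver). The struct, function names and the sentinel value -1 are assumptions made for illustration, and the completion handler is called synchronously to represent the worst-case interleaving.

```c
#include <stdio.h>

#define BBU_UNINIT (-1)   /* constructed stand-in for the "uninitialized" value */

struct dev_model { long bbu; };   /* hypothetical: only the member the advisory names */

/* Models the URB completion handler, which stores the value read from the device. */
static void on_urb_complete(struct dev_model *d, long device_value)
{
    d->bbu = device_value;
}

/*
 * Models URB submission. The completion is invoked before this returns,
 * which is the worst-case interleaving of the race: the handler has
 * already run by the time probe reaches its next statement.
 */
static void submit_urb_model(struct dev_model *d, long device_value)
{
    on_urb_complete(d, device_value);
}

/* Ordering the advisory describes as racy: sentinel written after submission. */
static long probe_racy(long device_value)
{
    struct dev_model d = { 0 };
    submit_urb_model(&d, device_value);
    d.bbu = BBU_UNINIT;            /* overwrites data the handler already stored */
    return d.bbu;
}

/* Ordering the fix requires: sentinel written before submission. */
static long probe_fixed(long device_value)
{
    struct dev_model d = { 0 };
    d.bbu = BBU_UNINIT;
    submit_urb_model(&d, device_value);
    return d.bbu;
}

int main(void)
{
    printf("racy:  bbu = %ld\n", probe_racy(42));
    printf("fixed: bbu = %ld\n", probe_fixed(42));
    return 0;
}
```

In the racy ordering the retrieved value is lost and the member reads as uninitialized; in the fixed ordering the value written by the completion handler survives.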

Affected Systems

The flaw affects Linux kernel builds that include the Yurex USB driver. No specific kernel version numbers are given in the CVE data, so any kernel prior to the patch referenced in the commit URLs may be vulnerable. The affected product is the Linux kernel, and the vulnerability is present in all distributions that ship an unpatched version of the Yurex driver.

Risk and Exploitability

The EPSS score is < 1%, indicating a very low but non‑zero probability of exploitation. The CVSS score is not available in the CVE data, and the vulnerability is not listed in CISA's KEV catalog, so the quantitative severity remains uncertain. The attack vector requires control over USB device enumeration, implying a local or external threat where the attacker can supply or manipulate a Yurex USB device. Because the race condition operates within privileged kernel code, successful exploitation would need sufficient privilege, but the risk is moderate to high in environments that accept untrusted USB devices and have not applied the kernel update. No publicly available exploit has been disclosed.

Generated by OpenCVE AI on May 9, 2026 at 15:25 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the Linux kernel to a version that includes the Yurex race‑condition patch.
  • If an immediate kernel upgrade is unavailable, disable or blacklist the Yurex driver module to prevent the flaw from being exercised.
  • Monitor kernel logs (e.g., dmesg) for URB completion errors or anomalous descriptor updates and audit USB device enumeration for unexpected activity.
  • Consider restricting USB access with udev rules or system‑wide policies to limit exposure to untrusted devices.

Advisories

No advisories yet.

History

Sat, 09 May 2026 14:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-362

Sat, 09 May 2026 12:15:00 +0000


Fri, 08 May 2026 18:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-362

Fri, 08 May 2026 14:45:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: usb: yurex: fix race in probe The bbu member of the descriptor must be set to the value standing for uninitialized values before the URB whose completion handler sets bbu is submitted. Otherwise there is a window during which probing can overwrite already retrieved data.
Title usb: yurex: fix race in probe
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-05-09T04:10:57.407Z

Reserved: 2026-05-01T14:12:56.009Z

Link: CVE-2026-43430

Vulnrichment

No data.

NVD

Status: Received

Published: 2026-05-08T15:16:55.243

Modified: 2026-05-08T15:16:55.243

Link: CVE-2026-43430

Redhat

Severity:

Public Date: 2026-05-08T00:00:00Z

Links: CVE-2026-43430 - Bugzilla

OpenCVE Enrichment

Updated: 2026-05-09T15:30:36Z

Weaknesses