CVE-2026-53107 - Vulnerability Details

- wifi: libertas: don't kill URBs in interrupt context

Description

In the Linux kernel, the following vulnerability has been resolved:

wifi: libertas: don't kill URBs in interrupt context

Serialization for the TX path was enforced by calling
usb_kill_urb()/usb_kill_anchored_urbs(), to prevent transmission before
a previous URB was completed. usb_tx_block() can be called from
interrupt context (e.g. in the HCD giveback path), so we can't always
use it to kill in-flight URBs.

Prevent sleeping during interrupt context by checking the tx_submitted
anchor for existing URBs. We now return -EBUSY, to indicate there's
a pending request.

Published: 2026-06-24

Score: n/a

EPSS: n/a

KEV: No

Impact:

Action:

Analysis

No analysis available yet.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Linux

unaffected

Version	Status	Constraints
`3308c7504e093b22e91a4468470309cee2e26b83`	affected	< 00c0317cebf44151df18fb647781f315268cdd98
`d66676e6ca96bf8680f869a9bd6573b26c634622`	affected	< 4f273d3f98ebc60c30bbfb3ed4a7f0477d3eaed2
`d66676e6ca96bf8680f869a9bd6573b26c634622`	affected	< 7c5c2b661bdb78c1472b8833265c9ed1ee880039
`498525d8358d6d20918787e59736d5b6a021e9fd`	affected	—
`2902a9b4415a6bafc9b1e5dd360f065d757a0bb7`	affected	—
`948a39c95d0f8d73722910f8cdb7b6e3e9206232`	affected	—
`5bfb25495e391a1be0db94b15715174fa06b93a1`	affected	—
`b82073564373e68c6ae3a96039fae14cd002a496`	affected	—
`fc188b44547dea4e7350833171982a6312befde9`	affected	—
`6.18.16`	affected	< 6.18.33
`5.10.252`	affected	< 5.11
`5.15.202`	affected	< 5.16
`6.1.165`	affected	< 6.2
`6.6.128`	affected	< 6.7
`6.12.75`	affected	< 6.13
`6.19.6`	affected	< 6.20

Linux

affected

Version	Status	Constraints
`7.0`	affected	—
`0`	unaffected	< 7.0
`6.18.33`	unaffected	≤ 6.18.*
`7.0.10`	unaffected	≤ 7.0.*
`7.1`	unaffected	≤ *

No data.

No data available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://git.kernel.org/stable/c/00c0317cebf44151df18fb647781f315268cdd98
https://git.kernel.org/stable/c/4f273d3f98ebc60c30bbfb3ed4a7f0477d3eaed2
https://git.kernel.org/stable/c/7c5c2b661bdb78c1472b8833265c9ed1ee880039

History

Wed, 24 Jun 2026 17:15:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: wifi: libertas: don't kill URBs in interrupt context Serialization for the TX path was enforced by calling usb_kill_urb()/usb_kill_anchored_urbs(), to prevent transmission before a previous URB was completed. usb_tx_block() can be called from interrupt context (e.g. in the HCD giveback path), so we can't always use it to kill in-flight URBs. Prevent sleeping during interrupt context by checking the tx_submitted anchor for existing URBs. We now return -EBUSY, to indicate there's a pending request.
Title		wifi: libertas: don't kill URBs in interrupt context
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/00c0317cebf44151df18fb647781f315268cdd98 https://git.kernel.org/stable/c/4f273d3f98ebc60c30bbfb3ed4a7f0477d3eaed2 https://git.kernel.org/stable/c/7c5c2b661bdb78c1472b8833265c9ed1ee880039

Subscriptions

Linux Linux Kernel

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-06-24T16:30:42.056Z

Updated: 2026-06-24T16:30:42.056Z

Reserved: 2026-06-09T07:44:35.385Z

Link: CVE-2026-53107

Vulnrichment

No data.

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

No weakness.

Tracking

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object