CVE-2026-43223 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix URB leak in pvr2_send_request_ex When pvr2_send_request_ex() submits a write URB successfully but fails to submit the read URB (e.g. returns -ENOMEM), it returns immediately without waiting for the write URB to complete. Since the driver reuses the same URB structure, a subsequent call to pvr2_send_request_ex() attempts to submit the still-active write URB, triggering a 'URB submitted while active' warning in usb_submit_urb(). Fix this by ensuring the write URB is unlinked and waited upon if the read URB submission fails.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

Vendors	Products
Linux	Linux Kernel

References

Link	Providers
https://git.kernel.org/stable/c/2011929f0e4cf6a0a34dd6205911b12276904453
https://git.kernel.org/stable/c/4ba5c7a1aade7090172cbffd4d120bf4cf5ccbde
https://git.kernel.org/stable/c/58dd722b6c3debcddb4684fb256c90fee7f063e5
https://git.kernel.org/stable/c/5f3ac816861c3b8a5d1a3645b17dc3a99d668d94
https://git.kernel.org/stable/c/77a63f8efc434ddb04667ed632aade58301a2f13
https://git.kernel.org/stable/c/a8333c8262aed2aedf608c18edd39cf5342680a7
https://git.kernel.org/stable/c/cf459d6ffa5e150ef3744b897f936ff24b52bd15
https://git.kernel.org/stable/c/da524c939b1e5ba17f10db4bde4bdaf569ffcda6

History

Wed, 06 May 2026 15:45:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-404

Wed, 06 May 2026 12:15:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix URB leak in pvr2_send_request_ex When pvr2_send_request_ex() submits a write URB successfully but fails to submit the read URB (e.g. returns -ENOMEM), it returns immediately without waiting for the write URB to complete. Since the driver reuses the same URB structure, a subsequent call to pvr2_send_request_ex() attempts to submit the still-active write URB, triggering a 'URB submitted while active' warning in usb_submit_urb(). Fix this by ensuring the write URB is unlinked and waited upon if the read URB submission fails.
Title		media: pvrusb2: fix URB leak in pvr2_send_request_ex
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/2011929f0e4cf6a0a34dd6205911b12276904453 https://git.kernel.org/stable/c/4ba5c7a1aade7090172cbffd4d120bf4cf5ccbde https://git.kernel.org/stable/c/58dd722b6c3debcddb4684fb256c90fee7f063e5 https://git.kernel.org/stable/c/5f3ac816861c3b8a5d1a3645b17dc3a99d668d94 https://git.kernel.org/stable/c/77a63f8efc434ddb04667ed632aade58301a2f13 https://git.kernel.org/stable/c/a8333c8262aed2aedf608c18edd39cf5342680a7 https://git.kernel.org/stable/c/cf459d6ffa5e150ef3744b897f936ff24b52bd15 https://git.kernel.org/stable/c/da524c939b1e5ba17f10db4bde4bdaf569ffcda6

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-05-06T11:28:22.952Z

Updated: 2026-05-06T11:28:22.952Z

Reserved: 2026-05-01T14:12:55.994Z

Link: CVE-2026-43223

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2026-05-06T12:16:42.020

Modified: 2026-05-06T13:07:51.607

Link: CVE-2026-43223

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-06T17:45:08Z

Metrics

Affected Vendors & Products

Metrics

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object