CVE-2026-43342
Published: May 21, 2026Last modified: June 24, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_rndis: Protect RNDIS options with mutex The class/subclass/protocol options are suspectible to race conditions as they can be accessed concurrently through configfs. Use existing mutex to protect these options. This issue was identified during code inspection.
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score | 4.7 |
| Attack Vector | LOCAL |
| Attack complexity | HIGH |
| Privileges required | LOW |
| User interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality | NONE |
| Integrity impact | NONE |
| Availability impact | HIGH |
| Vector | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H |
Status
| Product | Release | Package | Status |
|---|---|---|---|
| Alpaquita Linux | 23 LTS | linux-lts | Fixed (6.1.168-r0) |
| 25 LTS | linux-lts | Fixed (6.12.81-r0) | |
| Stream | linux-lts | Fixed (6.18.35-r1) |
References
- https://git.kernel.org/stable/c/0a75d97c53477a59c0aa1c65f69038c719f9c5b8
- https://git.kernel.org/stable/c/209decd3f7901df9842b83f2540dc8685e344a07
- https://git.kernel.org/stable/c/446f1842cda929c40d4697722bfdcfb334bc9692
- https://git.kernel.org/stable/c/65b7dbf80a1627667c241fff7c1c224f3118014f
- https://git.kernel.org/stable/c/7d8fa3b8783ab95a46e20d97fbeeede719b2efda
- https://git.kernel.org/stable/c/8d8c68b1fc06ece60cf43e1306ff0f4ac121547e
- https://git.kernel.org/stable/c/c1b3d5b0acb194efe20fc5864ee03439fa7bd45c
- https://git.kernel.org/stable/c/cb5316b37288ab8791584e32f114c4f41ad45b67