1. Home
  2. Vulnerabilities
  3. CVE-2026-43428
0.0
NA
CVE-2026-43428
USB: core: Limit the length of unkillable synchronous timeouts
Overview
Description

In the Linux kernel, the following vulnerability has been resolved: USB: core: Limit the length of unkillable synchronous timeouts The usb_control_msg(), usb_bulk_msg(), and usb_interrupt_msg() APIs in usbcore allow unlimited timeout durations. And since they use uninterruptible waits, this leaves open the possibility of hanging a task for an indefinitely long time, with no way to kill it short of unplugging the target device. To prevent this sort of problem, enforce a maximum limit on the length of these unkillable timeouts. The limit chosen here, somewhat arbitrarily, is 60 seconds. On many systems (although not all) this is short enough to avoid triggering the kernel's hung-task detector. In addition, clear up the ambiguity of negative timeout values by treating them the same as 0, i.e., using the maximum allowed timeout.

Details
INFO

Published Date :

May 8, 2026, 3:16 p.m.

Last Modified :

May 8, 2026, 3:16 p.m.

Remotely Exploit :

No

Source :

416baaa9-dc9f-4396-8d5f-8c081fb06d67
Impact
Affected Products

The following products are affected by CVE-2026-43428 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

No affected product recoded yet

: Total Affected Vendor : 0 | Products : 0
Solution
Limit USB synchronous timeout durations to prevent indefinite task hangs.
  • Apply updates to the Linux kernel.
  • Ensure timeouts are positive and within the 60-second limit.
  • Uninterruptible waits should have a defined maximum duration.
References
References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2026-43428.

URL Resource
https://git.kernel.org/stable/c/06d2bbc4c66c6b0e8a43728c4949026026a5be67
https://git.kernel.org/stable/c/1015c27a5e1a63efae2b18a9901494474b4d1dc3
https://git.kernel.org/stable/c/24b31a227f679a942d820840a4dea7f0c09a387f
https://git.kernel.org/stable/c/2d34cb4d1d6283b4be9c78f4a83ed6956d3069ec
https://git.kernel.org/stable/c/4e86f5b79e62ded7e3c3ebd688cf5775e618148a
https://git.kernel.org/stable/c/64f3d75633aedc12bdff220e9a4337177430bd9d
https://git.kernel.org/stable/c/659c0c7d50a4b0f6aa197c4c098cfd91daf63862
https://git.kernel.org/stable/c/6c62935670acdbb7687ced20494923b66fbb0367
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2026-43428 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2026-43428 weaknesses.

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2026-43428 vulnerability anywhere in the article.

Results are limited to the first 20 news articles due to potential performance issues.

The following table lists the changes that have been made to the CVE-2026-43428 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • New CVE Received by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

    May. 08, 2026

    Action Type Old Value New Value
    Added Description In the Linux kernel, the following vulnerability has been resolved: USB: core: Limit the length of unkillable synchronous timeouts The usb_control_msg(), usb_bulk_msg(), and usb_interrupt_msg() APIs in usbcore allow unlimited timeout durations. And since they use uninterruptible waits, this leaves open the possibility of hanging a task for an indefinitely long time, with no way to kill it short of unplugging the target device. To prevent this sort of problem, enforce a maximum limit on the length of these unkillable timeouts. The limit chosen here, somewhat arbitrarily, is 60 seconds. On many systems (although not all) this is short enough to avoid triggering the kernel's hung-task detector. In addition, clear up the ambiguity of negative timeout values by treating them the same as 0, i.e., using the maximum allowed timeout.
    Added Reference https://git.kernel.org/stable/c/06d2bbc4c66c6b0e8a43728c4949026026a5be67
    Added Reference https://git.kernel.org/stable/c/1015c27a5e1a63efae2b18a9901494474b4d1dc3
    Added Reference https://git.kernel.org/stable/c/24b31a227f679a942d820840a4dea7f0c09a387f
    Added Reference https://git.kernel.org/stable/c/2d34cb4d1d6283b4be9c78f4a83ed6956d3069ec
    Added Reference https://git.kernel.org/stable/c/4e86f5b79e62ded7e3c3ebd688cf5775e618148a
    Added Reference https://git.kernel.org/stable/c/64f3d75633aedc12bdff220e9a4337177430bd9d
    Added Reference https://git.kernel.org/stable/c/659c0c7d50a4b0f6aa197c4c098cfd91daf63862
    Added Reference https://git.kernel.org/stable/c/6c62935670acdbb7687ced20494923b66fbb0367
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
CVSS
Vulnerability Scoring Details
No CVSS metrics available for this vulnerability.