目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1336

100%

CVE-2026-43327— Linux kernel 安全漏洞

AI 预测 4.9 利用难度: 中等 EPSS 0.10% · P1

影响版本矩阵 30

厂商产品版本范围状态
LinuxLinux7dbd8f4cabd96db5a50513de9d83a8105a5ffc81< 6350c7dd33ab481ef41c931a238361490c32d15caffected
7dbd8f4cabd96db5a50513de9d83a8105a5ffc81< cc97fb5969177cccce2e23b31298df220fc7570daffected
7dbd8f4cabd96db5a50513de9d83a8105a5ffc81< 218886b2ef2dea7627d3700ab0abaf4bf9d1161faffected
7dbd8f4cabd96db5a50513de9d83a8105a5ffc81< 791966f85b439b261bf19865cf1c07c065ffb4b4affected
7dbd8f4cabd96db5a50513de9d83a8105a5ffc81< 805b1833d6ed6da5086e610578a28e71bb54fbbbaffected
7dbd8f4cabd96db5a50513de9d83a8105a5ffc81< efbd9441f1e769a7aae1813d497cec09cbdff031affected
7dbd8f4cabd96db5a50513de9d83a8105a5ffc81< 69ab97a693251d6a6093e630060a3c744fd58524affected
7dbd8f4cabd96db5a50513de9d83a8105a5ffc81< 616a63ff495df12863692ab3f9f7b84e3fa7a66daffected
… +22 条更多
获取后续新漏洞提醒登录后订阅

一、 漏洞 CVE-2026-43327 基础信息

漏洞信息

对漏洞内容有疑问?看看神龙的深度分析是否有帮助!
查看神龙十问 ↗

尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。

Vulnerability Title
USB: dummy-hcd: Fix locking/synchronization error
来源: 美国国家漏洞数据库 NVD
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: USB: dummy-hcd: Fix locking/synchronization error Syzbot testing was able to provoke an addressing exception and crash in the usb_gadget_udc_reset() routine in drivers/usb/gadgets/udc/core.c, resulting from the fact that the routine was called with a second ("driver") argument of NULL. The bad caller was set_link_state() in dummy_hcd.c, and the problem arose because of a race between a USB reset and driver unbind. These sorts of races were not supposed to be possible; commit 7dbd8f4cabd9 ("USB: dummy-hcd: Fix erroneous synchronization change"), along with a few followup commits, was written specifically to prevent them. As it turns out, there are (at least) two errors remaining in the code. Another patch will address the second error; this one is concerned with the first. The error responsible for the syzbot crash occurred because the stop_activity() routine will sometimes drop and then re-acquire the dum->lock spinlock. A call to stop_activity() occurs in set_link_state() when handling an emulated USB reset, after the test of dum->ints_enabled and before the increment of dum->callback_usage. This allowed another thread (doing a driver unbind) to sneak in and grab the spinlock, and then clear dum->ints_enabled and dum->driver. Normally this other thread would have to wait for dum->callback_usage to go down to 0 before it would clear dum->driver, but in this case it didn't have to wait since dum->callback_usage had not yet been incremented. The fix is to increment dum->callback_usage _before_ calling stop_activity() instead of after. Then the thread doing the unbind will not clear dum->driver until after the call to usb_gadget_udc_reset() safely returns and dum->callback_usage has been decremented again.
来源: 美国国家漏洞数据库 NVD
CVSS Information
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Type
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Title
Linux kernel 安全漏洞
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于USB dummy-hcd驱动锁定同步错误,可能导致竞态条件和空指针取消引用。
来源: 中国国家信息安全漏洞库 CNNVD
CVSS Information
N/A
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Type
N/A
来源: 中国国家信息安全漏洞库 CNNVD

受影响产品

厂商产品影响版本CPE订阅
LinuxLinux 7dbd8f4cabd96db5a50513de9d83a8105a5ffc81 ~ 6350c7dd33ab481ef41c931a238361490c32d15c -
LinuxLinux 4.14 -

二、漏洞 CVE-2026-43327 的公开POC

#POC 描述源链接神龙链接
AI 生成 POC高级

未找到公开 POC。

登录以生成 AI POC

三、漏洞 CVE-2026-43327 的情报信息

登录查看更多情报信息。

CVE-2026-43327 补丁与修复 (8)

同批安全公告 · Linux · 2026-05-08 · 共 197 条

CVE-2026-434029.8 CRITICALLinux kernel 安全漏洞
CVE-2026-433849.8 CRITICALLinux kernel 安全漏洞
CVE-2026-434149.8 CRITICALLinux kernel 安全漏洞
CVE-2026-433049.8 CRITICALLinux kernel 安全漏洞
CVE-2026-433419.8 CRITICALLinux kernel 安全漏洞
CVE-2026-433769.8 CRITICALLinux kernel 安全漏洞
CVE-2026-433789.8 CRITICALLinux kernel 安全漏洞
CVE-2026-433799.8 CRITICALLinux kernel 安全漏洞
CVE-2026-434659.8 CRITICALLinux kernel 安全漏洞
CVE-2026-433839.4 CRITICALLinux kernel 安全漏洞
CVE-2026-434079.1 CRITICALLinux kernel 安全漏洞
CVE-2026-434069.1 CRITICALLinux kernel 安全漏洞
CVE-2026-432848.8 HIGHLinux kernel 安全漏洞
CVE-2026-434038.8 HIGHLinux kernel 安全漏洞
CVE-2026-433348.8 HIGHLinux kernel 安全漏洞
CVE-2026-433228.8 HIGHLinux kernel 安全漏洞
CVE-2026-433918.8 HIGHLinux kernel 安全漏洞
CVE-2026-432918.3 HIGHLinux kernel 安全漏洞
CVE-2026-433658.2 HIGHLinux kernel 安全漏洞
CVE-2026-434528.2 HIGHLinux kernel 安全漏洞

显示前 20 条,共 197 条。 查看全部 &rarr; →

IV. Related Vulnerabilities

V. Comments for CVE-2026-43327

暂无评论


发表评论