CVE-2026-4179
Awaiting Analysis Awaiting Analysis - Queue
Infinite Loop Vulnerability in STM32 USB Device Driver

Publication date: 2026-03-16

Last updated on: 2026-04-02

Assigner: Zephyr Project

Description
Issues in stm32 USB device driver (drivers/usb/device/usb_dc_stm32.c) can lead to an infinite while loop.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-16
Last Modified
2026-04-02
Generated
2026-06-16
AI Q&A
2026-03-16
EPSS Evaluated
2026-06-15
NVD
CVE-2026-4179
EUVD
EUVD-2026-12190
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
zephyrproject zephyr to 4.3.0 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-835 The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-4179 is a moderate severity vulnerability in the Zephyr RTOS affecting the STM32 USB device driver, specifically in the usb_dc_stm32.c file.

The issue occurs in the usb_write function, which tries to write data to a USB endpoint. If the write returns a -EAGAIN error, the function calls k_yield() to yield the processor and retry. However, this retry loop can be executed from within an interrupt handler context.

Calling k_yield() from an interrupt service routine (ISR) violates an assertion that k_yield() must not be called from ISR context. This causes an infinite loop inside the interrupt handler, leading to the system hanging.

This vulnerability is classified under CWE-835 (Loop with Unreachable Exit Condition) because the loop in usb_write can become infinite due to improper use of k_yield() in ISR context.

Impact Analysis

[{'type': 'paragraph', 'content': 'An attacker with local access and low privileges can trigger this vulnerability without any user interaction.'}, {'type': 'paragraph', 'content': 'Triggering the vulnerability causes an infinite loop inside the USB interrupt handler, which results in the system hanging and a denial of service condition.'}, {'type': 'paragraph', 'content': "The availability impact is high, meaning the system's USB functionality and possibly overall operation can be halted due to this vulnerability."}] [1]

Compliance Impact

I don't know

Detection Guidance

This vulnerability causes an infinite loop within the USB interrupt handler in the STM32 USB device driver, leading to the system hanging or USB interrupt processing halting.

Detection can focus on monitoring the system for symptoms such as USB device unresponsiveness or system hangs related to USB activity.

Since the issue occurs locally and involves the USB device driver, network detection is not applicable.

Specific commands to detect this vulnerability are not provided in the available resources.

Mitigation Strategies

Immediate mitigation involves avoiding triggering the USB write retry loop from within an interrupt context.

Since no patched versions are available at the time of the advisory, users should monitor the Zephyr project repository for the referenced patch (pull request #104390) and apply it once released.

In the meantime, limiting local access to the device and avoiding operations that cause USB endpoint writes from interrupt handlers can reduce the risk of triggering the infinite loop.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-4179. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart