CVE-2026-43423
Atomic Context Locking Issue in Linux Kernel USB Gadget NCM
Publication date: 2026-05-08
Last updated on: 2026-05-08
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in the Linux kernel involves the usb gadget function f_ncm, specifically in the ncm_set_alt function. The issue was that a mutex was held to protect against race conditions with configfs, but this mutex lock was called inside an atomic context where sleeping is not allowed. This caused a 'sleeping function called from invalid context' bug.
To fix this, the developers removed a struct net_device pointer from the f_ncm_opts structure to avoid contention and replaced it with a boolean flag to manage connection state safely, preserving a previous fix for a use-after-free issue.
How can this vulnerability impact me? :
This vulnerability can cause kernel crashes or instability due to improper locking in an atomic context, which may lead to system crashes or denial of service conditions on affected Linux systems using the usb gadget f_ncm functionality.
What immediate steps should I take to mitigate this vulnerability?
The vulnerability has been resolved by removing the struct net_device pointer from the f_ncm_opts structure and managing connection state with a new boolean flag to avoid contention and use-after-free issues.
Immediate mitigation steps include:
- Update your Linux kernel to a version that includes the fix for this vulnerability.
- If updating is not immediately possible, consider disabling the usb gadget f_ncm driver if it is not required in your environment.
- Monitor kernel logs for related BUG messages to detect any exploitation attempts.
Applying the official patch or upgrading to a fixed kernel version is the most effective way to mitigate this issue.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability relates to an atomic context locking issue in the Linux kernel's usb gadget f_ncm driver, which can cause a BUG due to a sleeping function being called from an invalid context.
Detection would typically involve monitoring kernel logs for BUG messages related to 'sleeping function called from invalid context' or stack traces involving ncm_set_alt, __might_sleep, or __mutex_lock.
You can check your kernel logs using commands such as:
- dmesg | grep -i 'sleeping function called from invalid context'
- journalctl -k | grep -i 'ncm_set_alt'
- grep -i 'BUG' /var/log/kern.log
These commands help identify if the kernel has logged any relevant errors indicating the presence of this vulnerability.