CVE-2026-43432
Memory Leak in Linux Kernel XHCI Driver
Publication date: 2026-05-08
Last updated on: 2026-05-08
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | 6.13-rc1 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a memory leak in the Linux kernel's USB xHCI driver, specifically in the function xhci_disable_slot().
The issue occurs because when xhci_alloc_command() allocates a command structure and a completion structure, the error handling path in xhci_disable_slot() only frees the command structure using kfree(), but does not free the associated completion structure, causing a memory leak.
The fix involves using xhci_free_command() instead of kfree(), as xhci_free_command() correctly frees both the command and completion structures.
This bug was found using an experimental static analysis tool based on the LLVM framework designed to detect memory management issues.
How can this vulnerability impact me? :
This memory leak vulnerability can lead to increased memory usage in the Linux kernel when the affected USB xHCI driver function is triggered under error conditions.
Over time, this could degrade system performance or stability, especially on systems with limited memory or those that frequently encounter the error conditions that trigger this leak.
However, triggering this vulnerability requires specific hardware conditions or abnormal states, making it less likely to be encountered in typical usage.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability is a memory leak in the Linux kernel's xhci_disable_slot() function related to USB xHCI driver internals. It was found using an experimental static analysis tool based on the LLVM framework designed to detect memory management issues.
Since triggering the error paths that cause the leak requires specific hardware conditions or abnormal states, and no reliable runtime test case exists, there are no known commands or network/system detection methods available to detect this vulnerability directly.
What immediate steps should I take to mitigate this vulnerability?
The vulnerability has been resolved by replacing the incorrect kfree() call with xhci_free_command(), which properly frees all allocated structures.
Immediate mitigation steps include updating your Linux kernel to a version that contains this fix (post v6.13-rc1 or later mainline kernels where the patch is applied).
Since the issue is a memory leak triggered under specific hardware or abnormal conditions, ensuring your system is running an updated kernel is the primary and recommended mitigation.