CVE-2026-43279 · threatengine.sh

Home/CVE/In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Add sanity check for OOB writes at

CVE

CVE-2026-43279

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Add sanity check for OOB writes at

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Add sanity check for OOB writes at silencing At silencing the playback URB packets in the implicit fb mode before the actual playback, we blindly assume that the received packets fit with the buffer size. But when the setup in the capture stream differs from the playback stream (e.g. due to the USB core limitation of max packet size), such an inconsistency may lead to OOB writes to the buffer, resulting in a crash. For addressing it, add a sanity check of the transfer buffer size at prepare_silent_urb(), and stop the data copy if the received data overflows.

Also, report back the transfer error properly from there, too. Note that this doesn't fix the root cause of the playback error itself, but this merely covers the kernel Oops.

HIGH · CVSS 7.8 EPSS 0.00013

Schedule remediation

CVSS base score ≥ 7.0

Sigma rules0 YARA rules0

⬡

Weakness Classification

CWE-787Out-of-bounds Write

▤

Affected Products & Versions

6

linux kernel>= 3.5 and < 5.15.202
linux kernel>= 5.16 and < 6.1.165
linux kernel>= 6.2 and < 6.6.128
linux kernel>= 6.7 and < 6.12.75
linux kernel>= 6.13 and < 6.18.16
linux kernel>= 6.19 and < 6.19.6

▣

Scoring & Timeline

7.8

HIGH · CVSS v3.1 · 416baaa9-dc9f-4396-8d5f-8c081fb06d67

View on NVD

Attack Vector

Network Adjacent Local Physical

Attack Complexity

Low High

Privileges Required

None Low High

User Interaction

None Required

Scope

Unchanged Changed

Confidentiality

None Low High

Integrity

None Low High

Availability

None Low High

Published to NVD06 May 2026 · 12:16 PM

CVSS VectorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

🔗

References & Sources

7

Source URLs (vendor pages, mailing lists, write-ups). Exploit/PoC links are in their own section above to avoid duplication.

https://git.kernel.org/stable/c/6af16f1b8649df4c00d6ced924bdd8b72c885b6aPatch

https://git.kernel.org/stable/c/780dc57794a217b49994fa1d0b42465fb10a00aaPatch

https://git.kernel.org/stable/c/8995fc0e00b3fee9bf7ecb3d836b635b730c1049Patch

https://git.kernel.org/stable/c/ccaf9296763be4f76b59e2cac377006016c34435Patch

https://git.kernel.org/stable/c/fa01973bb79d70c4736b6a4b2de99fbb2cbc8d1fPatch

https://git.kernel.org/stable/c/fba2105a157fffcf19825e4eea498346738c9948Patch

Show all 7 references

https://git.kernel.org/stable/c/fc9e5af60dc199051dc202ae78e1fe76a9977a5ePatch

Intelligence Graph · click any node to traverse

CVETechnique ActorTool Family

drag to reposition · click any node to traverse · button top-right enlarges

External lookups - second-class, for what we don’t hold ourselves

NVD CVE.org CISA Vulners Exploit-DB GitHub PoC VulnCheck KEV GreyNoise

Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities

Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs

Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures

Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1

About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service

threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin