Primary

Context

Linux Kernel USB Dummy HCD Synchronization Error Vulnerability

Vulnerability

Patched

A synchronization error vulnerability has been identified in the Linux kernel's USB dummy host controller driver. This issue arises from a race condition between USB reset handling and driver unbinding, which can lead to a crash by causing an addressing exception. The vulnerability is present in the USB gadget subsystem, specifically within the dummy_hcd driver.

Impact

Exploitation of this vulnerability causes a crash by provoking an addressing exception, disrupting normal operation of the USB gadget subsystem.

Reproduction

The vulnerability can be reproduced by emulating a USB reset while simultaneously unbinding the driver, creating a race condition that leads to a crash.

Remediation

Users can apply the latest patches available in the Linux kernel stable tree to address this vulnerability.

Added: May 8, 2026, 3:36 PM

Updated: May 8, 2026, 3:36 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

3.9

remediation

7.7

relevance

7.8

threat

4.8

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

3.9

remediation

7.7

relevance

7.8

threat

4.8

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel USB Dummy HCD Synchronization Error Vulnerability

Vulnerability

Impact

Reproduction

Remediation

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating