CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

SUSE CVE•added 2026/05/15 1:58 a.m.•4 views

SUSE CVE-2026-43488

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Prevent interrupt storm on host controller error HCE The xHCI controller reports a Host Controller Error HCE in UAS Storage Device plug/unplug scenarios on Android devices. HCE is checked in xhciirq function and causes...

EUVD•added 2026/05/13 6:30 p.m.•21 views

EUVD-2026-30024

RedhatCVE•added 2026/05/13 5:8 p.m.•6 views

Exploits0References6

CVE-2026-43488

A flaw was found in the Linux kernel's xHCI eXtensible Host Controller Interface driver. When a USB Attached SCSI UAS storage device is connected or disconnected, the xHCI controller can report a Host Controller Error HCE. Improper handling of this error can lead to an interrupt storm, causing...

5.5CVSS5.8AI score0.00156EPSS

NVD•added 2026/05/13 4:16 p.m.•11 views

CVE-2026-43488

0.00156EPSS

Exploits0References5

UbuntuCve•added 2026/05/13 4:16 p.m.•9 views

CVE-2026-43488

OSV•added 2026/05/13 4:16 p.m.•5 views

Exploits0References2

UBUNTU-CVE-2026-43488

5.7AI score0.00156EPSS

CVE•added 2026/05/13 3:8 p.m.•18 views

CVE-2026-43488

The CVE covers Linux kernel USB xHCI: Host Controller Error (HCE) in UAS plug/unplug scenarios caused an interrupt storm when not cleared. The fix adds xhci_halt() handling in xhci_irq() for STS_HCE to mirror STS_FATAL error handling; full HCE recovery requires resetting/re-initializing the xHC. ...

Cvelist•added 2026/05/13 3:8 p.m.•31 views

Exploits0References5

CVE-2026-43488 usb: xhci: Prevent interrupt storm on host controller error (HCE)

0.00156EPSS

Exploits0References5

ATTACKERKB•added 2026/05/13 3:8 p.m.•5 views

CVE-2026-43488

Exploits0References6Affected Software1

Debian CVE•added 2026/05/13 3:8 p.m.•8 views

CVE-2026-43488

SUSE CVE•added 2026/05/13 3:34 a.m.•5 views

Exploits0

SUSE CVE-2026-43353

In the Linux kernel, the following vulnerability has been resolved: i3c: mipi-i3c-hci: Fix race in DMA ring dequeue The HCI DMA dequeue path hcidmadequeuexfer may be invoked for multiple transfers that timeout around the same time. However, the function is not serialized and can race with itself...

7.8CVSS5.7AI score0.00099EPSS

CNNVD•added 2026/05/13 12:0 a.m.•9 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the xHCI controller failing to clear interrupts when reporting host controller errors, potentiall...

Positive Technologies•added 2026/05/13 12:0 a.m.•8 views

Exploits0References1

PT-2026-40695

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the xHCI controller where a Host Controller Error HCE occurs during UAS Storage Device plug/unplug scenarios on Android devices. The xhci irq function checks for HCE,...

5.5AI score0.00156EPSS

Exploits0References46

Tenable Nessus•added 2026/05/13 12:0 a.m.•5 views

Linux Distros Unpatched Vulnerability : CVE-2026-43488

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: xhci: Prevent interrupt storm on host controller error HCE The xHCI controller reports a Host Controller Error HCE in UAS Storage Device plug/unplug...

5.9AI score0.00156EPSS

RedhatCVE•added 2026/05/08 11:46 p.m.•9 views

CVE-2026-43432

A flaw was found in the Linux kernel's USB xHCI host controller driver. The error handling path in the xhcidisableslot function incorrectly frees only a portion of the allocated memory, leading to a memory leak of the completion structure. This issue, which can be triggered under specific hardwar...

5.5CVSS5.8AI score0.00123EPSS

RedhatCVE•added 2026/05/08 7:57 p.m.•8 views

CVE-2026-43352

A flaw was found in the Linux kernel's I3C Improved Inter-Integrated Circuit Host Controller Interface HCI driver. Incorrect handling of DMA Direct Memory Access ring aborts can lead to the unintentional clearing of RINGCTRLENABLE. This action resets hardware ring pointers and disrupts the...

7.8CVSS5.8AI score0.00128EPSS

RedhatCVE•added 2026/05/08 6:12 p.m.•8 views

CVE-2026-43290

A flaw was found in the Linux kernel's uvcvideo module. This vulnerability occurs when the startstreaming function fails to return queued buffers due to an error in uvcpmget. A local attacker could potentially trigger this condition, leading to system instability or a denial of service DoS by...

7.8CVSS5.8AI score0.00128EPSS

EUVD•added 2026/05/08 3:31 p.m.•5 views

EUVD-2026-28737

In the Linux kernel, the following vulnerability has been resolved: xhci: Fix NULL pointer dereference when reading portli debugfs files Michal reported and debgged a NULL pointer dereference bug in the recently added portli debugfs files Oops is caused when there are more port registers counted ...

5.7AI score0.00107EPSS