CVE-2026-43343 - Vulnerability Details

- usb: gadget: f_subset: Fix unbalanced refcnt in geth_free

Description

In the Linux kernel, the following vulnerability has been resolved:

usb: gadget: f_subset: Fix unbalanced refcnt in geth_free

geth_alloc() increments the reference count, but geth_free() fails to
decrement it. This prevents the configuration of attributes via configfs
after unlinking the function.

Decrement the reference count in geth_free() to ensure proper cleanup.

Published: 2026-05-08

Score: n/a

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Linux

unaffected

Version	Status	Constraints
`02832e56f88a981474ee4c7c141f46fc1b4454f4`	affected	< a932b171554714b1bca313b853c7aa9f2930f9aa
`02832e56f88a981474ee4c7c141f46fc1b4454f4`	affected	< d7d702407b61e96286a15b6e715572f541a8d41c
`02832e56f88a981474ee4c7c141f46fc1b4454f4`	affected	< 3f5bfc550a40d7493b1cf09540ed6b412b3b82be
`02832e56f88a981474ee4c7c141f46fc1b4454f4`	affected	< 75776a055b656873319c3830fed471daef3ceb23
`02832e56f88a981474ee4c7c141f46fc1b4454f4`	affected	< cc8ec610cd14c093a19371691a7ce1ee5421e829
`02832e56f88a981474ee4c7c141f46fc1b4454f4`	affected	< 3d436670b47415da042452618fb5d8e317ab095f
`02832e56f88a981474ee4c7c141f46fc1b4454f4`	affected	< 23e4851ce348a329d974e84e828155dda9f52122
`02832e56f88a981474ee4c7c141f46fc1b4454f4`	affected	< caa27923aacd8a5869207842f2ab1657c6c0c7bc

Linux

affected

Version	Status	Constraints
`3.11`	affected	—
`0`	unaffected	< 3.11
`5.10.253`	unaffected	≤ 5.10.*
`5.15.203`	unaffected	≤ 5.15.*
`6.1.168`	unaffected	≤ 6.1.*
`6.6.134`	unaffected	≤ 6.6.*
`6.12.81`	unaffected	≤ 6.12.*
`6.18.22`	unaffected	≤ 6.18.*
`6.19.12`	unaffected	≤ 6.19.*
`7.0`	unaffected	≤ *

No data.

Vendor Product Confidence Versions

Linux

Linux Kernel

99%

Version	Status	Scheme	Platform
`[02832e56f88a981474ee4c7c141f46fc1b4454f4,a932b171554714b1bca313b853c7aa9f2930f9aa)`	affected	code_commit	—
`[02832e56f88a981474ee4c7c141f46fc1b4454f4,d7d702407b61e96286a15b6e715572f541a8d41c)`	affected	code_commit	—
`[02832e56f88a981474ee4c7c141f46fc1b4454f4,3f5bfc550a40d7493b1cf09540ed6b412b3b82be)`	affected	code_commit	—
`[02832e56f88a981474ee4c7c141f46fc1b4454f4,75776a055b656873319c3830fed471daef3ceb23)`	affected	code_commit	—
`[02832e56f88a981474ee4c7c141f46fc1b4454f4,cc8ec610cd14c093a19371691a7ce1ee5421e829)`	affected	code_commit	—
`[02832e56f88a981474ee4c7c141f46fc1b4454f4,3d436670b47415da042452618fb5d8e317ab095f)`	affected	code_commit	—
`[02832e56f88a981474ee4c7c141f46fc1b4454f4,23e4851ce348a329d974e84e828155dda9f52122)`	affected	code_commit	—
`[02832e56f88a981474ee4c7c141f46fc1b4454f4,caa27923aacd8a5869207842f2ab1657c6c0c7bc)`	affected	code_commit	—

Linux

Linux Kernel

99%

Version	Status	Scheme	Platform
`3.11`	affected	semver	—
`[0,3.11)`	unaffected	semver	—
`[5.10.253,5.11.0)`	unaffected	semver	—
`[5.15.203,5.16.0)`	unaffected	semver	—
`[6.1.168,6.2.0)`	unaffected	semver	—
`[6.6.134,6.7.0)`	unaffected	semver	—
`[6.12.81,6.13.0)`	unaffected	semver	—
`[6.18.22,6.19.0)`	unaffected	semver	—
`[6.19.12,6.20.0)`	unaffected	semver	—
`[7.0,*]`	unaffected	generic	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00032.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://git.kernel.org/stable/c/23e4851ce348a329d974e84e828155dda9f52122
https://git.kernel.org/stable/c/3d436670b47415da042452618fb5d8e317ab095f
https://git.kernel.org/stable/c/3f5bfc550a40d7493b1cf09540ed6b412b3b82be
https://git.kernel.org/stable/c/75776a055b656873319c3830fed471daef3ceb23
https://git.kernel.org/stable/c/a932b171554714b1bca313b853c7aa9f2930f9aa
https://git.kernel.org/stable/c/caa27923aacd8a5869207842f2ab1657c6c0c7bc
https://git.kernel.org/stable/c/cc8ec610cd14c093a19371691a7ce1ee5421e829
https://git.kernel.org/stable/c/d7d702407b61e96286a15b6e715572f541a8d41c
https://lore.kernel.org/linux-cve-announce/2026050825-CVE-2026-43343-637d@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2026-43343
https://www.cve.org/CVERecord?id=CVE-2026-43343

History

Sat, 09 May 2026 02:45:00 +0000

Type	Values Removed	Values Added
Weaknesses	CWE-399

Sat, 09 May 2026 00:15:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-911
References		https://lore.kernel.org/linux-cve-announce/2026050825-CVE-2026-43343-637d@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2026-43343 https://www.cve.org/CVERecord?id=CVE-2026-43343

Fri, 08 May 2026 18:45:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-399

Fri, 08 May 2026 14:00:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_subset: Fix unbalanced refcnt in geth_free geth_alloc() increments the reference count, but geth_free() fails to decrement it. This prevents the configuration of attributes via configfs after unlinking the function. Decrement the reference count in geth_free() to ensure proper cleanup.
Title		usb: gadget: f_subset: Fix unbalanced refcnt in geth_free
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/23e4851ce348a329d974e84e828155dda9f52122 https://git.kernel.org/stable/c/3d436670b47415da042452618fb5d8e317ab095f https://git.kernel.org/stable/c/3f5bfc550a40d7493b1cf09540ed6b412b3b82be https://git.kernel.org/stable/c/75776a055b656873319c3830fed471daef3ceb23 https://git.kernel.org/stable/c/a932b171554714b1bca313b853c7aa9f2930f9aa https://git.kernel.org/stable/c/caa27923aacd8a5869207842f2ab1657c6c0c7bc https://git.kernel.org/stable/c/cc8ec610cd14c093a19371691a7ce1ee5421e829 https://git.kernel.org/stable/c/d7d702407b61e96286a15b6e715572f541a8d41c

Subscriptions

Linux Linux Kernel

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-05-08T13:37:20.663Z

Updated: 2026-05-11T22:22:44.192Z

Reserved: 2026-05-01T14:12:56.003Z

Link: CVE-2026-43343

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2026-05-08T14:16:44.300

Modified: 2026-05-12T14:10:27.343

Link: CVE-2026-43343

Redhat

Severity :

Publid Date: 2026-05-08T00:00:00Z

Links: CVE-2026-43343 - Bugzilla

OpenCVE Enrichment

Updated: 2026-05-09T03:30:24Z

Weaknesses

CWE-911

Tracking

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object