HOMEVULNERABILITIESCVE-2026-43314
NONE

CVE-2026-43314

Published: May 8, 2026· Updated: May 12, 2026

EPSS:0.02%probability of exploitation in 30 daysPercentile:7.0th

Official Description

In the Linux kernel, the following vulnerability has been resolved:

dm: remove fake timeout to avoid leak request

Since commit 15f73f5b3e59 ("blk-mq: move failure injection out of

blk_mq_complete_request"), drivers are responsible for calling

blk_should_fake_timeout() at appropriate code paths and opportunities.

However, the dm driver does not implement its own timeout handler and

relies on the timeout handling of its slave devices.

If an io-timeout-fail error is injected to a dm device, the request

will be leaked and never completed, causing tasks to hang indefinitely.

Reproduce:

1. prepare dm which has iscsi slave device

2. inject io-timeout-fail to dm

echo 1 >/sys/class/block/dm-0/io-timeout-fail

echo 100 >/sys/kernel/debug/fail_io_timeout/probability

echo 10 >/sys/kernel/debug/fail_io_timeout/times

3. read/write dm

4. iscsiadm -m node -u

Result: hang task like below

[ 862.243768] INFO: task kworker/u514:2:151 blocked for more than 122 seconds.

[ 862.244133] Tainted: G E 6.19.0-rc1+ #51

[ 862.244337] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.

[ 862.244718] task:kworker/u514:2 state:D stack:0 pid:151 tgid:151 ppid:2 task_flags:0x4288060 flags:0x00080000

[ 862.245024] Workqueue: iscsi_ctrl_3:1 __iscsi_unbind_session [scsi_transport_iscsi]

[ 862.245264] Call Trace:

[ 862.245587] <TASK>

[ 862.245814] __schedule+0x810/0x15c0

[ 862.246557] schedule+0x69/0x180

[ 862.246760] blk_mq_freeze_queue_wait+0xde/0x120

[ 862.247688] elevator_change+0x16d/0x460

[ 862.247893] elevator_set_none+0x87/0xf0

[ 862.248798] blk_unregister_queue+0x12e/0x2a0

[ 862.248995] __del_gendisk+0x231/0x7e0

[ 862.250143] del_gendisk+0x12f/0x1d0

[ 862.250339] sd_remove+0x85/0x130 [sd_mod]

[ 862.250650] device_release_driver_internal+0x36d/0x530

[ 862.250849] bus_remove_device+0x1dd/0x3f0

[ 862.251042] device_del+0x38a/0x930

[ 862.252095] __scsi_remove_device+0x293/0x360

[ 862.252291] scsi_remove_target+0x486/0x760

[ 862.252654] __iscsi_unbind_session+0x18a/0x3e0 [scsi_transport_iscsi]

[ 862.252886] process_one_work+0x633/0xe50

[ 862.253101] worker_thread+0x6df/0xf10

[ 862.253647] kthread+0x36d/0x720

[ 862.254533] ret_from_fork+0x2a6/0x470

[ 862.255852] ret_from_fork_asm+0x1a/0x30

[ 862.256037] </TASK>

Remove the blk_should_fake_timeout() check from dm, as dm has no

native timeout handling and should not attempt to fake timeouts.

NVD Source

Technical Analysis

CVE-2026-43314 requires local access, meaning attackers must already have a foothold on the target system.

Exploitation requires some privileges, which limits the exposure to scenarios where an attacker has already gained initial access.

Affected Vendors & Products

Mentioned vendors (from description):
Linux
CPE data not yet available in NVD for this CVE.

Exploit & PoC Resources

NO KNOWN EXPLOITNo public exploit confirmed at this time
External links open in a new tab. Always verify in a controlled environment before use.

All References (8)

Quick Facts

CVE IDCVE-2026-43314
SeverityNONE
CISA KEVNo
EPSS (30d)0.02%
PublishedMay 8, 2026

Recommended Actions

  • Apply vendor patches immediately
  • Monitor CVE-2026-43314 in threat intel feeds
  • Review IDS/IPS signatures for exploitation attempts
Data sourced from NVD (NIST), CISA KEV, and EPSS (FIRST). Analysis generated by CTIWATCH.COM. CVE data is provided under the NVD usage policy.