HOMEVULNERABILITIESCVE-2026-43415
NONE

CVE-2026-43415

Published: May 8, 2026· Updated: May 12, 2026

EPSS:0.02%probability of exploitation in 30 daysPercentile:4.9th

Official Description

In the Linux kernel, the following vulnerability has been resolved:

scsi: ufs: core: Fix SError in ufshcd_rtc_work() during UFS suspend

In __ufshcd_wl_suspend(), cancel_delayed_work_sync() is called to cancel

the UFS RTC work, but it is placed after ufshcd_vops_suspend(hba, pm_op,

POST_CHANGE). This creates a race condition where ufshcd_rtc_work() can

still be running while ufshcd_vops_suspend() is executing. When

UFSHCD_CAP_CLK_GATING is not supported, the condition

!hba->clk_gating.active_reqs is always true, causing ufshcd_update_rtc()

to be executed. Since ufshcd_vops_suspend() typically performs clock

gating operations, executing ufshcd_update_rtc() at that moment triggers

an SError. The kernel panic trace is as follows:

Kernel panic - not syncing: Asynchronous SError Interrupt

Call trace:

dump_backtrace+0xec/0x128

show_stack+0x18/0x28

dump_stack_lvl+0x40/0xa0

dump_stack+0x18/0x24

panic+0x148/0x374

nmi_panic+0x3c/0x8c

arm64_serror_panic+0x64/0x8c

do_serror+0xc4/0xc8

el1h_64_error_handler+0x34/0x4c

el1h_64_error+0x68/0x6c

el1_interrupt+0x20/0x58

el1h_64_irq_handler+0x18/0x24

el1h_64_irq+0x68/0x6c

ktime_get+0xc4/0x12c

ufshcd_mcq_sq_stop+0x4c/0xec

ufshcd_mcq_sq_cleanup+0x64/0x1dc

ufshcd_clear_cmd+0x38/0x134

ufshcd_issue_dev_cmd+0x298/0x4d0

ufshcd_exec_dev_cmd+0x1a4/0x1c4

ufshcd_query_attr+0xbc/0x19c

ufshcd_rtc_work+0x10c/0x1c8

process_scheduled_works+0x1c4/0x45c

worker_thread+0x32c/0x3e8

kthread+0x120/0x1d8

ret_from_fork+0x10/0x20

Fix this by moving cancel_delayed_work_sync() before the call to

ufshcd_vops_suspend(hba, pm_op, PRE_CHANGE), ensuring the UFS RTC work is

fully completed or cancelled at that point.

NVD Source

Technical Analysis

CVE-2026-43415 requires local access, meaning attackers must already have a foothold on the target system.

Exploitation requires some privileges, which limits the exposure to scenarios where an attacker has already gained initial access.

Affected Vendors & Products

Mentioned vendors (from description):
Linux
CPE data not yet available in NVD for this CVE.

Exploit & PoC Resources

NO KNOWN EXPLOITNo public exploit confirmed at this time
External links open in a new tab. Always verify in a controlled environment before use.

All References (5)

Quick Facts

CVE IDCVE-2026-43415
SeverityNONE
CISA KEVNo
EPSS (30d)0.02%
PublishedMay 8, 2026

Recommended Actions

  • Apply vendor patches immediately
  • Monitor CVE-2026-43415 in threat intel feeds
  • Review IDS/IPS signatures for exploitation attempts
Data sourced from NVD (NIST), CISA KEV, and EPSS (FIRST). Analysis generated by CTIWATCH.COM. CVE data is provided under the NVD usage policy.