CVE record
CVE-2026-43427
In the Linux kernel, the following vulnerability has been resolved: usb: class: cdc-wdm: fix reordering issue in read code path Quoting the bug report: Due to compiler optimization or CPU out-of-order execution, the desc->length update can be reordered before the memmove. If this happens, wdm_read() can see the new length and call copy_to_user() on uninitialized memory. This also violates LKMM data race rules [1]. Fix it by using WRITE_ONCE and memory barriers.
Amazon picks for vulnerability response
Product discovery links are localized to Amazon US when country data is available.
This page may contain affiliate links. We may earn a commission at no extra cost to you. As an Amazon Associate I earn from qualifying purchases.
Hardware security keys
Physical MFA keys for admin accounts, cloud consoles, password managers, and incident response workflows.
Security engineering books
Books on secure design, incident response, threat modeling, cloud security, and practical defense.
Ethernet cable testers
Portable testers for validating office, rack, home lab, and troubleshooting cable runs.
Vulnerability metadata
- Published
- 2026-05-08T09:46:54.867Z
- Modified
- 2026-05-20T12:59:41.050Z
- EPSS
- Not available
- Vector
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Recommended platforms
Affiliate-supported recommendations for CVE-2026-43427 vulnerability response.
This page may contain affiliate links. We may earn a commission at no extra cost to you. As an Amazon Associate I earn from qualifying purchases.
Security engineering books
Browse practical security, incident response, cloud security, and secure coding books for team learning.
Cloud security platform
Continuously review cloud posture, exposed services, identity risks, and misconfigurations.
Monitoring and incident response
Track uptime, logs, traces, TLS expiry, API latency, and production security signals.