CVE-2026-43223

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> media: pvrusb2: fix URB leak in pvr2_send_request_ex<br /> <br /> When pvr2_send_request_ex() submits a write URB successfully but fails to<br /> submit the read URB (e.g. returns -ENOMEM), it returns immediately without<br /> waiting for the write URB to complete. Since the driver reuses the same<br /> URB structure, a subsequent call to pvr2_send_request_ex() attempts to<br /> submit the still-active write URB, triggering a &amp;#39;URB submitted while<br /> active&amp;#39; warning in usb_submit_urb().<br /> <br /> Fix this by ensuring the write URB is unlinked and waited upon if the read<br /> URB submission fails.