What is GHSA-473v-h78r-2j73?

GHSA-473v-h78r-2j73 is a security advisory published by GitHub Security Advisories with High severity. In the Linux kernel, the following vulnerability has been resolved: i3c: mipi-i3c-hci: Fix race...

Which CVE IDs does GHSA-473v-h78r-2j73 cover?

GHSA-473v-h78r-2j73 covers the following CVE IDs: CVE-2026-43353. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-473v-h78r-2j73?

GHSA-473v-h78r-2j73 has a CVSS v3 base score of 7.8, published by GitHub Security Advisories.

GHSA-473v-h78r-2j73HighCVSS 7.8

In the Linux kernel, the following vulnerability has been resolved: i3c: mipi-i3c-hci: Fix race...

Vendor

GitHub Security Advisories

Published

May 8, 2026

Last Modified

May 15, 2026

🔗 CVE IDs covered (1)

CVE-2026-43353 →

📋 Description

In the Linux kernel, the following vulnerability has been resolved: i3c: mipi-i3c-hci: Fix race in DMA ring dequeue The HCI DMA dequeue path (hci_dma_dequeue_xfer()) may be invoked for multiple transfers that timeout around the same time. However, the function is not serialized and can race with itself. When a timeout occurs, hci_dma_dequeue_xfer() stops the ring, processes incomplete transfers, and then restarts the ring. If another timeout triggers a parallel call into the same function, the two instances may interfere with each other - stopping or restarting the ring at unexpected times. Add a mutex so that hci_dma_dequeue_xfer() is serialized with respect to itself.

🔗 References (5)

https://nvd.nist.gov/vuln/detail/CVE-2026-43353
https://git.kernel.org/stable/c/1dca8aee80eea76d2aae21265de5dd64f6ba0f09
https://git.kernel.org/stable/c/4faa1e9c67a2229f6749190aedaf88ce0391efd2
https://git.kernel.org/stable/c/b684b420a5bb0ea1b0e13abfdb8ce41c5266e62e
https://github.com/advisories/GHSA-473v-h78r-2j73