CVE-2026-43061 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved: serial: 8250: Fix TX deadlock when using DMA `dmaengine_terminate_async` does not guarantee that the `__dma_tx_complete` callback will run. The callback is currently the only place where `dma->tx_running` gets cleared. If the transaction is canceled and the callback never runs, then `dma->tx_running` will never get cleared and we will never schedule new TX DMA transactions again. This change makes it so we clear `dma->tx_running` after we terminate the DMA transaction. This is "safe" because `serial8250_tx_dma_flush` is holding the UART port lock. The first thing the callback does is also grab the UART port lock, so access to `dma->tx_running` is serialized.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

No data.

References

Link	Providers
https://git.kernel.org/stable/c/2a72403b985aea6b4aac3171830492f9a387f9e1
https://git.kernel.org/stable/c/5f6b17562f03fc65c7d3474ef8f1959b19d1ca41
https://git.kernel.org/stable/c/79a19bd936bb35f56ef0ccab1b3b59ebce8c762d
https://git.kernel.org/stable/c/8190f9ab6ad90cb97652adbebd238b874a4ef70d
https://git.kernel.org/stable/c/a424a34b8faddf97b5af41689087e7a230f79ba7
https://git.kernel.org/stable/c/b5ad887339503103d0fbe9827b16ad287597c275
https://git.kernel.org/stable/c/d2719a0a9c3439abf67843a5504b7afccd9ded93
https://git.kernel.org/stable/c/f76d91271bcacbd759a2e4ee3ea61faa6a727ccf

History

Tue, 05 May 2026 18:15:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-668

Tue, 05 May 2026 16:15:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: serial: 8250: Fix TX deadlock when using DMA `dmaengine_terminate_async` does not guarantee that the `__dma_tx_complete` callback will run. The callback is currently the only place where `dma->tx_running` gets cleared. If the transaction is canceled and the callback never runs, then `dma->tx_running` will never get cleared and we will never schedule new TX DMA transactions again. This change makes it so we clear `dma->tx_running` after we terminate the DMA transaction. This is "safe" because `serial8250_tx_dma_flush` is holding the UART port lock. The first thing the callback does is also grab the UART port lock, so access to `dma->tx_running` is serialized.
Title		serial: 8250: Fix TX deadlock when using DMA
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/2a72403b985aea6b4aac3171830492f9a387f9e1 https://git.kernel.org/stable/c/5f6b17562f03fc65c7d3474ef8f1959b19d1ca41 https://git.kernel.org/stable/c/79a19bd936bb35f56ef0ccab1b3b59ebce8c762d https://git.kernel.org/stable/c/8190f9ab6ad90cb97652adbebd238b874a4ef70d https://git.kernel.org/stable/c/a424a34b8faddf97b5af41689087e7a230f79ba7 https://git.kernel.org/stable/c/b5ad887339503103d0fbe9827b16ad287597c275 https://git.kernel.org/stable/c/d2719a0a9c3439abf67843a5504b7afccd9ded93 https://git.kernel.org/stable/c/f76d91271bcacbd759a2e4ee3ea61faa6a727ccf

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-05-05T15:17:27.079Z

Updated: 2026-05-05T15:17:27.079Z

Reserved: 2026-05-01T14:12:55.981Z

Link: CVE-2026-43061

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-05-05T16:16:15.210

Modified: 2026-05-05T16:16:15.210

Link: CVE-2026-43061

Redhat

No data.

Metrics

Affected Vendors & Products

Metrics

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object