PatchSiren

CVE-2026-43352 Git CVE debrief

CVE-2026-43352 is a high-severity Linux kernel flaw in the i3c:mipi-i3c-hci DMA dequeue abort path. The issue can leave ring-abort handling in an inconsistent state, including incorrect completion waiting and unintended controller state resets; the published fix corrects these behaviors and treats an already-stopped ring as successful.

Vendor: Git
Product: Unknown
CVSS: HIGH 7.8
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-05-08
Original CVE updated: 2026-05-11
Advisory published: 2026-05-08
Advisory updated: 2026-05-11

Who should care

Linux kernel maintainers, distribution security teams, embedded and industrial operators using I3C-capable hardware, and vendors shipping systems with the mipi-i3c-hci driver should pay attention.

Technical summary

According to the published description, the DMA ring abort logic had four problems: it could issue an abort after the ring had already stopped, it did not re-initialize the completion object before waiting, it cleared RING_CTRL_ENABLE during abort and thereby reset hardware ring pointers, and it did not treat an already-stopped ring as a success case. The fix checks whether the ring is running before aborting, re-initializes the completion when needed, preserves RING_CTRL_ENABLE during abort, and returns success when the ring is already stopped. The supplied NVD vector is CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H, indicating local access and low privileges are required.

Defensive priority

High for systems that use the affected Linux kernel I3C HCI path. Prioritize kernel updates and backports in normal maintenance windows, especially for fleets where controller stability matters.

Recommended defensive actions

  • Apply the kernel fixes referenced by the official stable commit links in the source corpus.
  • Verify your distribution or vendor has backported the correction for mipi-i3c-hci DMA dequeue abort handling.
  • Inventory systems that use I3C-capable hardware or the mipi-i3c-hci driver so remediation can be targeted.
  • After updating, validate controller stability and abort-path behavior in lab or staging environments before broad rollout.
  • Monitor vendor and distribution advisories for any additional backport guidance or package-specific notes.
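
For the inventory step above, the following is an added example, not part of the advisory or the kernel project's tooling. It classifies a host by whether the mipi-i3c-hci driver is active, built in, installed as a module, or absent. It assumes the driver appears as /sys/module/mipi_i3c_hci when registered, that the Kconfig symbol is CONFIG_MIPI_I3C_HCI, and that the distribution ships /boot/config-<release>; the ROOT and RELEASE arguments are this example's own convention for checking a mounted image.

```sh
#!/bin/sh
# Added inventory example. ROOT and RELEASE are this example's own parameters
# so the check can run against a mounted image or a test tree.

# Prints one of: active | builtin | module | absent
i3c_hci_exposure() {
    root="${1:-}"
    rel="${2:-$(uname -r)}"
    cfg="$root/boot/config-$rel"

    # Driver registered in the running kernel (assumed sysfs location).
    if [ -d "$root/sys/module/mipi_i3c_hci" ]; then
        echo active
        return 0
    fi
    # Kernel build configuration, where the distribution ships it in /boot.
    if [ -r "$cfg" ]; then
        if grep -q '^CONFIG_MIPI_I3C_HCI=y' "$cfg"; then
            echo builtin
            return 0
        fi
        if grep -q '^CONFIG_MIPI_I3C_HCI=m' "$cfg"; then
            echo module
            return 0
        fi
    fi
    # Module file installed but not loaded (may be compressed: .ko.xz, .ko.zst).
    if [ -d "$root/lib/modules/$rel" ] &&
       find "$root/lib/modules/$rel" -name 'mipi-i3c-hci.ko*' | grep -q .; then
        echo module
        return 0
    fi
    echo absent
}

# Number of entries registered on the I3C bus type (0 when the bus is absent).
i3c_device_count() {
    root="${1:-}"
    dir="$root/sys/bus/i3c/devices"
    [ -d "$dir" ] || { echo 0; return 0; }
    find "$dir" -mindepth 1 -maxdepth 1 | wc -l | tr -d ' '
}

# One-line report for the local host.
printf '%s driver=%s i3c_devices=%s\n' \
    "$(uname -n)" "$(i3c_hci_exposure)" "$(i3c_device_count)"
```

Hosts reporting active or builtin are the ones to prioritize for the backport check; module means the driver is installed and could be loaded if matching hardware is present.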

Evidence notes

This debrief is based only on the supplied CVE description, the NVD record, and the three official Linux kernel stable references included in the source corpus. The source corpus does not provide affected version ranges or CPE data, so version scope is not stated beyond the kernel subsystem named in the advisory. No KEV entry is present in the supplied data.

Official resources

Publicly disclosed in the CVE record on 2026-05-08 and modified on 2026-05-11, per the supplied timeline fields. No Known Exploited Vulnerabilities (KEV) listing is included in the supplied corpus.