PatchSiren cyber security CVE debrief
CVE-2026-43479 Linux CVE debrief
CVE-2026-43479 is a Linux kernel issue in the lan78xx USB network driver where disconnecting a device can trigger a WARN in __netif_napi_del_locked(). The source description says the disconnect path called netif_napi_del() while NAPI was still enabled, even though unregister_netdev() already handles NAPI teardown safely. The fix removes the redundant call to avoid the warning during USB device disconnect.
- Vendor
- Linux
- Product
- Unknown
- CVSS
- Unknown
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-05-13
- Original CVE updated
- 2026-05-13
- Advisory published
- 2026-05-13
- Advisory updated
- 2026-05-13
Who should care
Kernel maintainers, Linux distribution teams, embedded/OEM integrators using lan78xx-based USB Ethernet devices, and administrators who rely on these adapters in production systems should review this issue. It is especially relevant for systems where USB network devices may be hot-unplugged or otherwise disconnected.
Technical summary
The reported condition is a warning-triggering teardown ordering problem in the lan78xx disconnect path. During USB disconnect, lan78xx_disconnect() called netif_napi_del() while NAPI remained enabled, which can hit a WARN in __netif_napi_del_locked(). The described resolution is to remove the explicit netif_napi_del() call and let unregister_netdev() perform NAPI teardown as part of normal device unregistration.
Defensive priority
Medium. The issue is described as a kernel WARN during device disconnect rather than a memory corruption or privilege-escalation flaw, but it can still affect reliability, create noisy kernel logs, and expose teardown bugs in environments that hot-plug USB network hardware.
Recommended defensive actions
- Apply the kernel fix that removes the redundant netif_napi_del() call in the lan78xx disconnect path.
- If you ship or maintain kernels with lan78xx support, verify whether your tree includes the referenced upstream/stable fix references from kernel.org.
- Test USB Ethernet disconnect and reconnect workflows on affected systems to confirm the warning no longer occurs.
- Prioritize updates for embedded, appliance, and field-deployed systems that depend on USB networking hardware.
- Monitor kernel logs on systems using lan78xx devices for repeated disconnect warnings until patched.
Evidence notes
The supplied source corpus identifies this as a Linux kernel issue resolved by removing a redundant netif_napi_del() call in lan78xx_disconnect(). The description includes a full warning trace showing __netif_napi_del_locked() reached during USB disconnect. No CVSS score, severity rating, or exploitation evidence is provided in the supplied corpus. The NVD source item also lists three kernel.org stable references as related fix links.
Official resources
-
CVE-2026-43479 CVE record
CVE.org
-
CVE-2026-43479 NVD detail
NVD
-
Source item URL
nvd_modified
-
Source reference
416baaa9-dc9f-4396-8d5f-8c081fb06d67
-
Source reference
416baaa9-dc9f-4396-8d5f-8c081fb06d67
-
Source reference
416baaa9-dc9f-4396-8d5f-8c081fb06d67
Published by the source record on 2026-05-13T16:16:51.040Z. The supplied corpus shows no later modification to the CVE record in this data set.