Infinite Loop Vulnerability in STM32 USB Device Driver by STMicroelectronics
CVE-2026-4179

6.1MEDIUM

Key Information:

Vendor: Zephyrproject-rtos
Status: Zephyr
Vendor: CVE Published:; 14 March 2026

🔔 Create Zephyrproject-rtos Vulnerability Alert

What is CVE-2026-4179?

The STM32 USB device driver contains a critical programming flaw that can cause an infinite loop during USB operations. This issue arises from improper handling of device communication, which could lead to system instability and hinder functionality. Users of the affected driver versions are strongly advised to review and apply the necessary updates or patches to mitigate this potential risk. Ongoing vigilance and prompt action can prevent unnecessary disruptions and enhance system security.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Zephyr * <= 4.3

References

https://github.com/zephyrproject-rtos/zephyr/security/adv...

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 14, 2026
Vulnerability Reserved
Mar 14, 2026

JSON

Zephyrproject-rtos

What is CVE-2026-4179?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.