5.5

CVE-2025-37994

usb: typec: ucsi: displayport: Fix NULL pointer access

In the Linux kernel, the following vulnerability has been resolved:

usb: typec: ucsi: displayport: Fix NULL pointer access

This patch ensures that the UCSI driver waits for all pending tasks in the
ucsi_displayport_work workqueue to finish executing before proceeding with
the partner removal.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.2 < 5.4.294
LinuxLinux Kernel Version >= 5.5 < 5.10.238
LinuxLinux Kernel Version >= 5.11 < 5.15.183
LinuxLinux Kernel Version >= 5.16 < 6.1.139
LinuxLinux Kernel Version >= 6.2 < 6.6.91
LinuxLinux Kernel Version >= 6.7 < 6.12.29
LinuxLinux Kernel Version >= 6.13 < 6.14.7
LinuxLinux Kernel Version6.15 Updaterc1
LinuxLinux Kernel Version6.15 Updaterc2
LinuxLinux Kernel Version6.15 Updaterc3
LinuxLinux Kernel Version6.15 Updaterc4
LinuxLinux Kernel Version6.15 Updaterc5
DebianDebian Linux Version11.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.16% 0.059
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://git.kernel.org/stable/c/7804c4d63edfdd5105926cc291e806e8f4ce01b5
Patch
https://git.kernel.org/stable/c/076ab0631ed4928905736f1701e25f1e722bc086
Patch
https://git.kernel.org/stable/c/14f298c52188c34acde9760bf5abc669c5c36fdb
Patch
https://git.kernel.org/stable/c/5ad298d6d4aebe1229adba6427e417e89a5208d8
Patch
https://git.kernel.org/stable/c/e9b63faf5c97deb43fc39a52edbc39d626cc14bf
Patch
https://git.kernel.org/stable/c/312d79669e71283d05c05cc49a1a31e59e3d9e0e
Patch
https://git.kernel.org/stable/c/9dda1e2a666a8a32ce0f153b5dee05c7351f1020
Patch
https://git.kernel.org/stable/c/a9931f1b52b2d0bf3952e003fd5901ea7eb851ed
Patch
https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2025/08/msg00010.html
Third Party Advisory