-

CVE-2025-40093

In the Linux kernel, the following vulnerability has been resolved:

usb: gadget: f_ecm: Refactor bind path to use __free()

After an bind/unbind cycle, the ecm->notify_req is left stale. If a
subsequent bind fails, the unified error label attempts to free this
stale request, leading to a NULL pointer dereference when accessing
ep->ops->free_request.

Refactor the error handling in the bind path to use the __free()
automatic cleanup mechanism.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerLinux
Produkt Linux
Default Statusunaffected
Version < d3745aaef19198d0c81637a7dd50ef53c4f879b7
Version da741b8c56d612b5dd26ffa31341911a5fea23ee
Status affected
Version < 070f341d86cf2c098d63e484a86c7c1d2696a868
Version da741b8c56d612b5dd26ffa31341911a5fea23ee
Status affected
Version < 15b9faf53ba8719700596e7ef78879ce200e8c2e
Version da741b8c56d612b5dd26ffa31341911a5fea23ee
Status affected
Version < 4630c68bade82f087eaaab22e9a361da2f18d139
Version da741b8c56d612b5dd26ffa31341911a5fea23ee
Status affected
Version < 42988380ac67c76bb9dff8f77d7ef3eefd50b7b5
Version da741b8c56d612b5dd26ffa31341911a5fea23ee
Status affected
HerstellerLinux
Produkt Linux
Default Statusaffected
Version 2.6.27
Status affected
Version < 2.6.27
Version 0
Status unaffected
Version <= 6.1.*
Version 6.1.158
Status unaffected
Version <= 6.6.*
Version 6.6.114
Status unaffected
Version <= 6.12.*
Version 6.12.55
Status unaffected
Version <= 6.17.*
Version 6.17.5
Status unaffected
Version <= *
Version 6.18
Status unaffected
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.05% 0.134
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String