
CVE-2025-40095

In the Linux kernel, the following vulnerability has been resolved:

usb: gadget: f_rndis: Refactor bind path to use __free()

After a bind/unbind cycle, the rndis->notify_req is left stale. If a
subsequent bind fails, the unified error label attempts to free this
stale request, leading to a NULL pointer dereference when accessing
ep->ops->free_request.

Refactor the error handling in the bind path to use the __free()
automatic cleanup mechanism.

Data is provided by the CVE Program from a CVE Numbering Authority (CNA) (unstructured).

Vendor: Linux
Product: Linux
Default status: unaffected

Version (upper bound) | Version | Status
< ef81226bb1f8b6e761cd0b53d2696e9c1bc955d1 | 45fe3b8e5342cd1ce307099459c74011d8e01986 | affected
< 5f65c8ad8c7292ed7e3716343fcd590a51818cc3 | 45fe3b8e5342cd1ce307099459c74011d8e01986 | affected
< 380353c3a92be7d928e6f973bd065c5b79755ac3 | 45fe3b8e5342cd1ce307099459c74011d8e01986 | affected
< a8366263b7e5b663d7fb489d3a9ba1e2600049a6 | 45fe3b8e5342cd1ce307099459c74011d8e01986 | affected
< 08228941436047bdcd35a612c1aec0912a29d8cd | 45fe3b8e5342cd1ce307099459c74011d8e01986 | affected

Vendor: Linux
Product: Linux
Default status: affected

Version (upper bound) | Version | Status
 | 2.6.27 | affected
< 2.6.27 | 0 | unaffected
<= 6.1.* | 6.1.158 | unaffected
<= 6.6.* | 6.6.114 | unaffected
<= 6.12.* | 6.12.55 | unaffected
<= 6.17.* | 6.17.5 | unaffected
<= * | 6.18 | unaffected

No CISA KEV entry or CERT.AT warning was found for this CVE.

EPSS metrics
Type | Source | Score | Percentile
EPSS | FIRST.org | 0.05% | 0.134

CVSS metrics
Source | Base Score | Exploit Score | Impact Score | Vector String