-

CVE-2025-71154

EPSS 0.03%
Veröffentlicht 23.01.2026 14:25:53
Zuletzt bearbeitet 26.01.2026 15:03:51
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

net: usb: rtl8150: fix memory leak on usb_submit_urb() failure

In async_set_registers(), when usb_submit_urb() fails, the allocated
  async_req structure and URB are not freed, causing a memory leak.

  The completion callback async_set_reg_cb() is responsible for freeing
  these allocations, but it is only called after the URB is successfully
  submitted and completes (successfully or with error). If submission
  fails, the callback never runs and the memory is leaked.

  Fix this by freeing both the URB and the request structure in the error
  path when usb_submit_urb() fails.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 10

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < a4e2442d3c48355a84463342f397134f149936d7

Version 4d12997a9bb3d217ad4b925ec3074ec89364bf95

Status affected

Version < 2f966186b99550e3c665dbfb87b8314e30acea02

Version 4d12997a9bb3d217ad4b925ec3074ec89364bf95

Status affected

Version < db2244c580540306d60ce783ed340190720cd429

Version 4d12997a9bb3d217ad4b925ec3074ec89364bf95

Status affected

Version < 4bd4ea3eb326608ffc296db12c105f92dc2f2190

Version 4d12997a9bb3d217ad4b925ec3074ec89364bf95

Status affected

Version < 6492ad6439ff1a479fc94dc6052df3628faed8b6

Version 4d12997a9bb3d217ad4b925ec3074ec89364bf95

Status affected

Version < 151403e903840c9cf06754097b6732c14f26c532

Version 4d12997a9bb3d217ad4b925ec3074ec89364bf95

Status affected

Version < 12cab1191d9890097171156d06bfa8d31f1e39c8

Version 4d12997a9bb3d217ad4b925ec3074ec89364bf95

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 3.10

Status affected

Version < 3.10

Version 0

Status unaffected

Version <= 5.10.*

Version 5.10.248

Status unaffected

Version <= 5.15.*

Version 5.15.198

Status unaffected

Version <= 6.1.*

Version 6.1.160

Status unaffected

Version <= 6.6.*

Version 6.6.120

Status unaffected

Version <= 6.12.*

Version 6.12.64

Status unaffected

Version <= 6.18.*

Version 6.18.4

Status unaffected

Version <= *

Version 6.19-rc4

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.088

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/a4e2442d3c48355a84463342f397134f149936d7

https://git.kernel.org/stable/c/2f966186b99550e3c665dbfb87b8314e30acea02

https://git.kernel.org/stable/c/db2244c580540306d60ce783ed340190720cd429

https://git.kernel.org/stable/c/4bd4ea3eb326608ffc296db12c105f92dc2f2190

https://git.kernel.org/stable/c/6492ad6439ff1a479fc94dc6052df3628faed8b6

https://git.kernel.org/stable/c/151403e903840c9cf06754097b6732c14f26c532

https://git.kernel.org/stable/c/12cab1191d9890097171156d06bfa8d31f1e39c8

https://nvd.nist.gov/vuln/detail/CVE-2025-71154

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-71154

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-71154

EUVD