5.5

CVE-2026-31755

usb: cdns3: gadget: fix NULL pointer dereference in ep_queue

In the Linux kernel, the following vulnerability has been resolved:

usb: cdns3: gadget: fix NULL pointer dereference in ep_queue

When the gadget endpoint is disabled or not yet configured, the ep->desc
pointer can be NULL. This leads to a NULL pointer dereference when
__cdns3_gadget_ep_queue() is called, causing a kernel crash.

Add a check to return -ESHUTDOWN if ep->desc is NULL, which is the
standard return code for unconfigured endpoints.

This prevents potential crashes when ep_queue is called on endpoints
that are not ready.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.4 < 5.15.203
LinuxLinux Kernel Version >= 5.16 < 6.1.168
LinuxLinux Kernel Version >= 6.2 < 6.6.134
LinuxLinux Kernel Version >= 6.7 < 6.12.81
LinuxLinux Kernel Version >= 6.13 < 6.18.22
LinuxLinux Kernel Version >= 6.19 < 6.19.12
LinuxLinux Kernel Version7.0 Updaterc1
LinuxLinux Kernel Version7.0 Updaterc2
LinuxLinux Kernel Version7.0 Updaterc3
LinuxLinux Kernel Version7.0 Updaterc4
LinuxLinux Kernel Version7.0 Updaterc5
LinuxLinux Kernel Version7.0 Updaterc6
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.12% 0.023
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://git.kernel.org/stable/c/3d1433fe34b224b90259e207e5389e95b504ef04
Patch
https://git.kernel.org/stable/c/fb2ad0c1334a3eccfe4ed203f9eef5a4879226f6
Patch
https://git.kernel.org/stable/c/9ab9b0e5fcdac325f950fc8b6caa08a9e22a0db9
Patch
https://git.kernel.org/stable/c/d61446dfc9d387775bb1b95b081953201b9222af
Patch
https://git.kernel.org/stable/c/390536cc6af4ca5566bc3bf1f8b704700380cd2c
Patch
https://git.kernel.org/stable/c/14bf08ab2cdfcdfd3f13e799d06692a1b3e0745f
Patch
https://git.kernel.org/stable/c/7f6f127b9bc34bed35f56faf7ecb1561d6b39000
Patch
https://git.kernel.org/stable/c/3cf0580a09d417eab41ce914a11f9cde3a121871