CVE-2025-37809
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
usb: typec: class: Fix NULL pointer access
Concurrent calls to typec_partner_unlink_device can lead to a NULL pointer dereference. This patch adds a mutex to protect USB device pointers and prevent this issue. The same mutex protects both the device pointers and the partner device registration.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 59de2a56d127890cc610f3896d5fc31887c54ac2 < de7c24febd21413ea8f49f61b36338b676c02852 | affected |
| Linux | Linux | 59de2a56d127890cc610f3896d5fc31887c54ac2 < 1fdde62411fe65640e69bc55ea027d5b7b2f0093 | affected |
| Linux | Linux | 59de2a56d127890cc610f3896d5fc31887c54ac2 < ec27386de23a511008c53aa2f3434ad180a3ca9a | affected |
| Linux | Linux | 6.7 | affected |
| Linux | Linux | 0 < 6.7 | unaffected |
| Linux | Linux | 6.12.26 <= 6.12.* | unaffected |
| Linux | Linux | 6.14.5 <= 6.14.* | unaffected |
| Linux | Linux | 6.15 <= * | unaffected |
Weaknesses
References
- https://git.kernel.org/stable/c/de7c24febd21413ea8f49f61b36338b676c02852
- https://git.kernel.org/stable/c/1fdde62411fe65640e69bc55ea027d5b7b2f0093
- https://git.kernel.org/stable/c/ec27386de23a511008c53aa2f3434ad180a3ca9a
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.