CVE-2025-71154

Summary

In the Linux kernel, the following vulnerability has been resolved:

net: usb: rtl8150: fix memory leak on usb_submit_urb() failure

In async_set_registers(), when usb_submit_urb() fails, the allocated async_req structure and URB are not freed, causing a memory leak.

The completion callback async_set_reg_cb() is responsible for freeing these allocations, but it is only called after the URB is successfully submitted and completes (successfully or with error). If submission fails, the callback never runs and the memory is leaked.

Fix this by freeing both the URB and the request structure in the error path when usb_submit_urb() fails.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux4d12997a9bb3d217ad4b925ec3074ec89364bf95 < a4e2442d3c48355a84463342f397134f149936d7affected
LinuxLinux4d12997a9bb3d217ad4b925ec3074ec89364bf95 < 2f966186b99550e3c665dbfb87b8314e30acea02affected
LinuxLinux4d12997a9bb3d217ad4b925ec3074ec89364bf95 < db2244c580540306d60ce783ed340190720cd429affected
LinuxLinux4d12997a9bb3d217ad4b925ec3074ec89364bf95 < 4bd4ea3eb326608ffc296db12c105f92dc2f2190affected
LinuxLinux4d12997a9bb3d217ad4b925ec3074ec89364bf95 < 6492ad6439ff1a479fc94dc6052df3628faed8b6affected
LinuxLinux4d12997a9bb3d217ad4b925ec3074ec89364bf95 < 151403e903840c9cf06754097b6732c14f26c532affected
LinuxLinux4d12997a9bb3d217ad4b925ec3074ec89364bf95 < 12cab1191d9890097171156d06bfa8d31f1e39c8affected
LinuxLinux3.10affected
LinuxLinux0 < 3.10unaffected
LinuxLinux5.10.248 <= 5.10.*unaffected
LinuxLinux5.15.198 <= 5.15.*unaffected
LinuxLinux6.1.160 <= 6.1.*unaffected
LinuxLinux6.6.120 <= 6.6.*unaffected
LinuxLinux6.12.64 <= 6.12.*unaffected
LinuxLinux6.18.4 <= 6.18.*unaffected
LinuxLinux6.19 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References