CVE-2025-22050
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2025-22050
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-22050.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2025-22050
- Downstream
- Related
- Published
- 2025-04-16T15:15:58Z
- Modified
- 2025-08-09T19:01:28Z
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
usbnet:fix NPE during rx_complete
Missing usbnetgoingaway Check in Critical Path. The usbsubmiturb function lacks a usbnetgoingaway validation, whereas _usbnetqueue_skb includes this check.
This inconsistency creates a race condition where: A URB request may succeed, but the corresponding SKB data fails to be queued.
Subsequent processes: (e.g., rxcomplete → deferbh → _skbunlink(skb, list)) attempt to access skb->next, triggering a NULL pointer dereference (Kernel Panic).
- References
-
- https://git.kernel.org/stable/c/0c30988588b28393e3e8873d5654f910e86391ba
- https://git.kernel.org/stable/c/0f10f83acfd619e13c64d6705908dfd792f19544
- https://git.kernel.org/stable/c/51de3600093429e3b712e5f091d767babc5dd6df
- https://git.kernel.org/stable/c/95789c2f94fd29dce8759f9766baa333f749287c
- https://git.kernel.org/stable/c/acacd48a37b52fc95f621765762c04152b58d642
- https://git.kernel.org/stable/c/d689645cd1594ea1d13cb0c404f8ad1011353e0e
- https://git.kernel.org/stable/c/fd9ee3f0d6a53844f65efde581c91bbb0ff749ac