← back
CVE-2025-22050

usbnet:fix NPE during rx_complete

3Vexday Risk Score

No sign of exploitation. No public exploitation artifact known so far.

ssvc Trackepss 0.2%
exploitation probability
0.2%top 92% of all CVEs
observed exploitation
nono source reports it
In the Linux kernel, the following vulnerability has been resolved: usbnet:fix NPE during rx_complete Missing usbnet_going_away Check in Critical Path. The usb_submit_urb function lacks a usbnet_going_away validation, whereas __usbnet_queue_skb includes this check. This inconsistency creates a race condition where: A URB request may succeed, but the corresponding SKB data fails to be queued. Subsequent processes: (e.g., rx_complete → defer_bh → __skb_unlink(skb, list)) attempt to access skb->next, triggering a NULL pointer dereference (Kernel Panic).
Affected products
Linux · Linux