CVE-2025-21918
usb: typec: ucsi: Fix NULL pointer access
Vexday Risk Score
13Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 5.5EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
01 abr 2025Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
In the Linux kernel, the following vulnerability has been resolved:
usb: typec: ucsi: Fix NULL pointer access
Resources should be released only after all threads that utilize them
have been destroyed.
This commit ensures that resources are not released prematurely by waiting
for the associated workqueue to complete before deallocating them.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Productos afectados
Linux · LinuxReferencias
https://git.kernel.org/stable/c/079a3e52f3e751bb8f5937195bdf25c5d14fdff0https://git.kernel.org/stable/c/46fba7be161bb89068958138ea64ec33c0b446d4https://git.kernel.org/stable/c/592a0327d026a122e97e8e8bb7c60cbbe7697344https://git.kernel.org/stable/c/7a735a8a46f6ebf898bbefd96659ca5da798bce0https://git.kernel.org/stable/c/b13abcb7ddd8d38de769486db5bd917537b32ab1https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html