Endpoint Handling Issue in Linux Kernel USB Driver for RTL8150 Devices
CVE-2025-21708
Summary
A vulnerability has been identified in the Linux kernel's USB driver related to the RTL8150 devices. This issue arises during the submission of USB Request Blocks (URBs), where an incorrect USB endpoint type may lead to warnings during operation. The implementation of basic endpoint checks is now enabled to prevent issues, particularly for bulk and interrupt endpoints, although the handling of control endpoints is not included at this time. This change is aimed at addressing potential operational problems, providing a basis for further enhancements if needed.
Affected Version(s)
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 3c706829ceb6e347bd4ddfd17f1d3048acd69da2
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
References
Timeline
Vulnerability published
Vulnerability Reserved