Isochronous Transfer Issue in Linux Kernel Affecting USB Functionality
CVE-2025-22023

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 16 April 2025

Summary

A vulnerability exists in the Linux kernel's USB xHCI driver, which previously malfunctioned during the handling of isochronous transfers when reaching specific Stopped events. This oversight led to the erroneous skipping of isochronous transfer descriptors (TDs) when the system should have handled them differently. Instead of ensuring proper handling when faced with Stopped - Length Invalid events, the driver mistakenly cleared the skip flag, resulting in potential data loss and unreleased resources. A fix was introduced in version 6.11 to ensure that TDs are correctly recognized even when faced with complex stop scenarios, diminishing the chances of unnoticed resource processes and unintentional memory management issues.

Affected Version(s)

Linux d56b0b2ab142940b06eac56dcb3ab1ab88df38a2 < 6af20ac254cbd0e1178a3542767c9308e209eee5

Linux d56b0b2ab142940b06eac56dcb3ab1ab88df38a2 < 49cf6f5293aeb706dd672608478336a003f37df6

Linux d56b0b2ab142940b06eac56dcb3ab1ab88df38a2

References

https://git.kernel.org/stable/c/6af20ac254cbd0e1178a35427...

https://git.kernel.org/stable/c/49cf6f5293aeb706dd6726084...

https://git.kernel.org/stable/c/de9e78167f760a699806793d7...

Timeline

Vulnerability published
Apr 16, 2025
Vulnerability Reserved
Dec 29, 2024