Linux Kernel Vulnerability in USB Gadget Functionality
CVE-2025-40094
Currently unrated
What is CVE-2025-40094?
A vulnerability in the USB gadget subsystem of the Linux kernel can lead to a NULL pointer dereference. After a connect/disconnect cycle, a stale request can remain in an unstable state. If a subsequent connection attempt fails, the error-handling path attempts to free this request but encounters a NULL pointer, resulting in a serious stability issue. The fix refactors the bind path to use an automatic cleanup mechanism, __free(), to ensure proper handling and prevent potential crashes.
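The ownership pattern behind that fix, as an added userspace illustration (not kernel code and not taken from the advisory): the request stays in a scope-cleaned local during bind and is handed to long-lived state only after every step has succeeded. All struct and function names are hypothetical, and the compiler's cleanup attribute stands in for the kernel's __free().

```c
#include <stdlib.h>
/* Hypothetical userspace model; none of these names are the kernel's. */
struct ep   { int live_reqs; };           /* stands in for an endpoint */
struct req  { struct ep *ep; };
struct func { struct req *notify_req; };  /* state that outlives one bind */

static struct req *req_alloc(struct ep *ep)
{
    struct req *r = malloc(sizeof(*r));
    if (r) { r->ep = ep; ep->live_reqs++; }
    return r;
}

static void req_free(struct req *r)
{
    if (r) { r->ep->live_reqs--; free(r); }
}

/* Runs automatically when an annotated local goes out of scope. */
static void req_cleanup(struct req **rp) { req_free(*rp); }
#define AUTO_FREE_REQ __attribute__((cleanup(req_cleanup)))

static int func_bind(struct func *f, struct ep *ep, int fail_late)
{
    struct req *r AUTO_FREE_REQ = req_alloc(ep);
    if (!r) return -1;
    if (fail_late) return -2;  /* r is freed here; f was never touched */
    f->notify_req = r;         /* success: hand ownership to f ... */
    r = NULL;                  /* ... and disarm the cleanup */
    return 0;
}

static void func_unbind(struct func *f)
{
    req_free(f->notify_req);
    f->notify_req = NULL;      /* leave nothing stale for a later bind */
}

/* Constructed scenario: bind, unbind, then a bind that fails (0 = clean). */
static int scenario(void)
{
    struct ep ep = {0};
    struct func f = {0};
    if (func_bind(&f, &ep, 0) != 0) return -1;
    func_unbind(&f);
    int rc = func_bind(&f, &ep, 1);
    return (rc == -2 && !f.notify_req && ep.live_reqs == 0) ? 0 : 1;
}
int main(void) { return scenario(); }
```

Because the failing path never stores the request in `func`, there is no shared error label that has to guess whether a leftover pointer is still valid.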
Affected Version(s)
Linux 1f1ba11b64947051fc32aa15fcccef6463b433f7
Linux 1f1ba11b64947051fc32aa15fcccef6463b433f7 < 2b1546f7c5fc6c44555a8e7a2b34229d1dcd2175