CVE-2025-40093

Published: Oct 30, 2025

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_ecm: Refactor bind path to use __free() After an bind/unbind cycle, the ecm->notify_req is left stale. If a subsequent bind fails, the unified error label attempts to free this stale request, leading to a NULL pointer dereference when accessing ep->ops->free_request. Refactor the error handling in the bind path to use the __free() automatic cleanup mechanism.

Vendor	Product	Versions
Linux	Linux	affected `da741b8c56d612b5dd26ffa31341911a5fea23ee - < d3745aaef19198d0c81637a7dd50ef53c4f879b7` affected `da741b8c56d612b5dd26ffa31341911a5fea23ee - < 070f341d86cf2c098d63e484a86c7c1d2696a868` affected `da741b8c56d612b5dd26ffa31341911a5fea23ee - < 15b9faf53ba8719700596e7ef78879ce200e8c2e` affected `da741b8c56d612b5dd26ffa31341911a5fea23ee - < 4630c68bade82f087eaaab22e9a361da2f18d139` affected `da741b8c56d612b5dd26ffa31341911a5fea23ee - < 42988380ac67c76bb9dff8f77d7ef3eefd50b7b5`
Linux	Linux	affected `2.6.27` unaffected `0 - < 2.6.27` unaffected `6.1.158 - <= 6.1.` unaffected `6.6.114 - <= 6.6.` unaffected `6.12.55 - <= 6.12.*` +2 more versions

References

https://git.kernel.org/stable/c/d3745aaef19198d0c81637a7dd50ef53c4f879b7

https://git.kernel.org/stable/c/070f341d86cf2c098d63e484a86c7c1d2696a868

https://git.kernel.org/stable/c/15b9faf53ba8719700596e7ef78879ce200e8c2e

https://git.kernel.org/stable/c/4630c68bade82f087eaaab22e9a361da2f18d139

https://git.kernel.org/stable/c/42988380ac67c76bb9dff8f77d7ef3eefd50b7b5

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-40093

Description

Affected Products

References