CVE-2025-71154
Published: Jan 23, 2026
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: net: usb: rtl8150: fix memory leak on usb_submit_urb() failure In async_set_registers(), when usb_submit_urb() fails, the allocated async_req structure and URB are not freed, causing a memory leak. The completion callback async_set_reg_cb() is responsible for freeing these allocations, but it is only called after the URB is successfully submitted and completes (successfully or with error). If submission fails, the callback never runs and the memory is leaked. Fix this by freeing both the URB and the request structure in the error path when usb_submit_urb() fails.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 4d12997a9bb3d217ad4b925ec3074ec89364bf95 - < a4e2442d3c48355a84463342f397134f149936d7affected 4d12997a9bb3d217ad4b925ec3074ec89364bf95 - < 2f966186b99550e3c665dbfb87b8314e30acea02affected 4d12997a9bb3d217ad4b925ec3074ec89364bf95 - < db2244c580540306d60ce783ed340190720cd429affected 4d12997a9bb3d217ad4b925ec3074ec89364bf95 - < 4bd4ea3eb326608ffc296db12c105f92dc2f2190affected 4d12997a9bb3d217ad4b925ec3074ec89364bf95 - < 6492ad6439ff1a479fc94dc6052df3628faed8b6+2 more versions |
Linux | Linux | affected 3.10unaffected 0 - < 3.10unaffected 5.10.248 - <= 5.10.*unaffected 5.15.198 - <= 5.15.*unaffected 6.1.160 - <= 6.1.*+4 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now