CVE-2025-37809CVSS 5.5Linux
CVE-2025-37809: linux kernel vulnerability
In the Linux kernel, the following vulnerability has been resolved: usb: typec: class: Fix NULL pointer access Concurrent calls to typec_partner_unlink_device can lead to a NULL pointer dereference. This patch adds a mutex to protect USB device pointers and prevent this issue. The same mutex protects both the device pointers and the partner device registration.
- CVSS
- 5.5 MEDIUM
- EPSS
- 5.74%
- Активно використовується
- немає в KEV
- Продукт
- linux kernel
Що відомо
In the Linux kernel, the following vulnerability has been resolved: usb: typec: class: Fix NULL pointer access Concurrent calls to typec_partner_unlink_device can lead to a NULL pointer dereference. This patch adds a mutex to protect USB device pointers and prevent this issue. The same mutex protects both the device pointers and the partner device registration.