CVE-2025-21918
usb: typec: ucsi: Fix NULL pointer access
In the Linux kernel, the following vulnerability has been resolved:
usb: typec: ucsi: Fix NULL pointer access
Resources should be released only after all threads that utilize them
have been destroyed.
This commit ensures that resources are not released prematurely by waiting
for the associated workqueue to complete before deallocating them.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected products
Linux · LinuxWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://git.kernel.org/stable/c/079a3e52f3e751bb8f5937195bdf25c5d14fdff0https://git.kernel.org/stable/c/46fba7be161bb89068958138ea64ec33c0b446d4https://git.kernel.org/stable/c/592a0327d026a122e97e8e8bb7c60cbbe7697344https://git.kernel.org/stable/c/7a735a8a46f6ebf898bbefd96659ca5da798bce0https://git.kernel.org/stable/c/b13abcb7ddd8d38de769486db5bd917537b32ab1https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html