CVE-2025-40315

NONE EPSS 6.5%
Published Dec 8, 20256mo ago · Modified Jun 17, 20261w ago
Find Similar
Published Dec 8, 2025 6mo ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_fs: Fix epfile null pointer access after ep enable. A race condition occurs when ffs_func_eps_enable() runs concurrently with ffs_data_reset(). The ffs_data_clear() called in ffs_data_reset() sets ffs->epfiles to NULL before resetting ffs->eps_count to 0, leading to a NULL pointer dereference when accessing epfile->ep in ffs_func_eps_enable() after successful usb_ep_enable(). The ffs->epfiles pointer is set to NULL in both ffs_data_clear() and ffs_data_close() functions, and its modification is protected by the spinlock ffs->eps_lock. And the whole ffs_func_eps_enable() function is also protected by ffs->eps_lock. Thus, add NULL pointer handling for ffs->epfiles in the ffs_func_eps_enable() function to fix issues

Threat Intelligence

EPSS Exploit Probability
6.5% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

References 8

  • git.kernel.org https://git.kernel.org/stable/c/1c0dbd240be3f87cac321b14e17979b7e9cb6a8f
  • git.kernel.org https://git.kernel.org/stable/c/30880e9df27332403dd638a82c27921134b3630b
  • git.kernel.org https://git.kernel.org/stable/c/9ec40fba7357df2d36f4c2e2f3b9b1a4fba0a272
  • git.kernel.org https://git.kernel.org/stable/c/b00d2572c16e8e59e979960d3383c2ae9cebd195
  • git.kernel.org https://git.kernel.org/stable/c/c53e90563bc148e4e0ad09fe130ba2246d426ea6
  • git.kernel.org https://git.kernel.org/stable/c/cfd6f1a7b42f62523c96d9703ef32b0dbc495ba4
  • git.kernel.org https://git.kernel.org/stable/c/d62b808d5c68a931ad0849a00a5e3be3dd7e0019
  • git.kernel.org https://git.kernel.org/stable/c/fc1141a530dfc91f0ee19b7f422a2d24829584bc

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.