Fixed
Created: Apr 16, 2025
Updated: Jun 10, 2025
Resolved Date: May 28, 2025
Found In Version: 10.22.33.1
Fix Version: 10.22.33.21
Severity: Standard
Applicable for: Wind River Linux LTS 22
Component/s: Kernel
In the Linux kernel, the following vulnerability has been resolved:
usbnet:fix NPE during rx_complete
Missing usbnet_going_away Check in Critical Path.
The usb_submit_urb function lacks a usbnet_going_away
validation, whereas __usbnet_queue_skb includes this check.
This inconsistency creates a race condition where:
A URB request may succeed, but the corresponding SKB data
fails to be queued.
Subsequent processes:
(e.g., rx_complete ? defer_bh ? __skb_unlink(skb, list))
attempt to access skb->next, triggering a NULL pointer
dereference (Kernel Panic).
CREATE(Triage):(User=admin) CVE-2025-22050 (https://nvd.nist.gov/vuln/detail/CVE-2025-22050)
