CVE-2025-40314
usb: cdns3: gadget: Use-after-free during failed initialization and exit of cdnsp gadget
References
Notes
carnil> First introducing commit could not be determined.
Bugs
Status
| Branch | Status |
|---|---|
| upstream | released (6.18-rc1) [87c5ff5615dc0a37167e8faf3adeeddc6f1344a3] |
| 6.18-upstream-stable | N/A "Fixed before branching point" |
| 6.17-upstream-stable | released (6.17.8) [fdf573c517627a96f5040f988e9b21267806be5c] |
| 6.12-upstream-stable | released (6.12.58) [9c52f01429c377a2d32cafc977465f37b5384f77] |
| 6.6-upstream-stable | released (6.6.117) [ea37884097a0931abb8e11e40eacfb25e9fdb5e9] |
| 6.1-upstream-stable | released (6.1.159) [37158ce6ba964b62d1e3eebd11f03c6900a52dd1] |
| 5.10-upstream-stable | needed |
| sid | released (6.17.8-1) |
| 6.12-trixie-security | released (6.12.63-1) |
| 6.1-bookworm-security | released (6.1.159-1) |
| 5.10-bullseye-security | needed |