CVE-2025-40315
BaseFortify
Publication date: 2025-12-08
Last updated on: 2025-12-08
Assigner: kernel.org
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN | |
AI Powered Q&A
What immediate steps should I take to mitigate this vulnerability?
Apply the patch, or update to a Linux kernel version that includes the fix for the race condition in the USB gadget f_fs driver (the fix for the epfile NULL pointer access after ep enable). Confirm that the kernel you are running has the updated ffs_func_eps_enable() function with NULL pointer handling for ffs->epfiles. Until patched, avoid running vulnerable kernel versions, or disable the affected USB gadget functionality if possible.
Can you explain this vulnerability to me?
This vulnerability is a race condition in the Linux kernel's USB gadget function (f_fs). Specifically, when the function ffs_func_eps_enable() runs at the same time as ffs_data_reset(), a NULL pointer dereference can occur. This happens because ffs_data_clear(), called by ffs_data_reset(), sets a pointer (ffs->epfiles) to NULL before resetting a count, leading to an attempt to access a NULL pointer in ffs_func_eps_enable(). The issue was fixed by adding NULL pointer handling in ffs_func_eps_enable().
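The interleaving described above, replayed deterministically in a single-threaded userspace model (an added example, not kernel source and not code from this page). All `model_*` names and the `-ENODEV` return value are assumptions made for illustration.

```c
#include <errno.h>
#include <stdlib.h>

/* Userspace model. All model_* names are hypothetical, not kernel symbols. */
struct model_epfile { int enabled; };
struct model_ffs {
    struct model_epfile *epfiles;  /* stands in for ffs->epfiles */
    unsigned eps_count;            /* count that is reset after the pointer */
};

/* Clear path, step 1: the pointer is dropped while the count is still stale. */
void model_clear_pointer(struct model_ffs *ffs) {
    free(ffs->epfiles);
    ffs->epfiles = NULL;
}

/* Clear path, step 2: the count is reset. The window lies between the steps. */
void model_reset_count(struct model_ffs *ffs) { ffs->eps_count = 0; }

/* Unhardened enable: trusts eps_count alone. Shown for contrast and never
 * called here, because inside the window it would write through NULL. */
int model_eps_enable_unchecked(struct model_ffs *ffs) {
    struct model_epfile *epfile = ffs->epfiles;
    for (unsigned i = 0; i < ffs->eps_count; i++, epfile++)
        epfile->enabled = 1;
    return 0;
}

/* Hardened enable: checks the pointer before walking the array.
 * The -ENODEV return value is an assumption made for this model. */
int model_eps_enable_checked(struct model_ffs *ffs) {
    struct model_epfile *epfile = ffs->epfiles;
    if (epfile == NULL)
        return -ENODEV;
    for (unsigned i = 0; i < ffs->eps_count; i++, epfile++)
        epfile->enabled = 1;
    return 0;
}

/* Replays the interleaving: with in_window set, enable runs after step 1
 * but before step 2; otherwise it runs on intact state. */
int model_replay(int in_window) {
    struct model_ffs ffs = { calloc(2, sizeof(struct model_epfile)), 2 };
    if (in_window)
        model_clear_pointer(&ffs);
    int rc = model_eps_enable_checked(&ffs);
    model_clear_pointer(&ffs);  /* free(NULL) is a no-op if already cleared */
    model_reset_count(&ffs);
    return rc;
}
```

`model_replay(1)` lands in the window where the pointer is NULL and the count is still 2; the checked variant returns an error there instead of faulting.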
How can this vulnerability impact me?
This vulnerability can cause a NULL pointer dereference in the Linux kernel, which may lead to a kernel crash or system instability when USB gadget functions are used. This could result in denial of service or unexpected behavior on affected systems.