Vulnerabilities > CVE-2025-21917 - NULL Pointer Dereference vulnerability in Linux Kernel
Attack vector
LOCAL Attack complexity
LOW Privileges required
LOW Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
In the Linux kernel, the following vulnerability has been resolved: usb: renesas_usbhs: Flush the notify_hotplug_work When performing continuous unbind/bind operations on the USB drivers available on the Renesas RZ/G2L SoC, a kernel crash with the message "Unable to handle kernel NULL pointer dereference at virtual address" may occur. This issue points to the usbhsc_notify_hotplug() function. Flush the delayed work to avoid its execution when driver resources are unavailable.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
References
- https://git.kernel.org/stable/c/3248c1f833f924246cb98ce7da4569133c1b2292
- https://git.kernel.org/stable/c/394965f90454d6f00fe11879142b720c6c1a872e
- https://git.kernel.org/stable/c/4ca078084cdd5f32d533311d6a0b63a60dcadd41
- https://git.kernel.org/stable/c/4cd847a7b630a85493d0294ad9542c21aafaa246
- https://git.kernel.org/stable/c/552ca6b87e3778f3dd5b87842f95138162e16c82
- https://git.kernel.org/stable/c/830818c8e70c0364e377f0c243b28061ef7967eb
- https://git.kernel.org/stable/c/d50f5c0cd949593eb9a3d822b34d7b50046a06b7
- https://git.kernel.org/stable/c/e5aac1c9b2974636db7ce796ffa6de88fa08335e