Home

Description

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_eem: Fix memory leak in eem_unwrap The existing code did not handle the failure case of usb_ep_queue in the command path, potentially leading to memory leaks. Improve error handling to free all allocated resources on usb_ep_queue failure. This patch continues to use goto logic for error handling, as the existing error handling is complex and not easily adaptable to auto-cleanup helpers. kmemleak results: unreferenced object 0xffffff895a512300 (size 240): backtrace: slab_post_alloc_hook+0xbc/0x3a4 kmem_cache_alloc+0x1b4/0x358 skb_clone+0x90/0xd8 eem_unwrap+0x1cc/0x36c unreferenced object 0xffffff8a157f4000 (size 256): backtrace: slab_post_alloc_hook+0xbc/0x3a4 __kmem_cache_alloc_node+0x1b4/0x2dc kmalloc_trace+0x48/0x140 dwc3_gadget_ep_alloc_request+0x58/0x11c usb_ep_alloc_request+0x40/0xe4 eem_unwrap+0x204/0x36c unreferenced object 0xffffff8aadbaac00 (size 128): backtrace: slab_post_alloc_hook+0xbc/0x3a4 __kmem_cache_alloc_node+0x1b4/0x2dc __kmalloc+0x64/0x1a8 eem_unwrap+0x218/0x36c unreferenced object 0xffffff89ccef3500 (size 64): backtrace: slab_post_alloc_hook+0xbc/0x3a4 __kmem_cache_alloc_node+0x1b4/0x2dc kmalloc_trace+0x48/0x140 eem_unwrap+0x238/0x36c

PUBLISHED Reserved 2025-12-16 | Published 2025-12-16 | Updated 2025-12-16 | Assigner Linux

Product status

Default status
unaffected

3b545788505b2e2883aff13bdddeacaf88942a4f (git) before a9985a88b2fc29fbe1657fe8518908e261d6889c
affected

4249d6fbc10fd997abdf8a1ea49c0389a0edf706 (git) before 5a1628283cd9dccf1e44acfb74e77504f4dc7472
affected

4249d6fbc10fd997abdf8a1ea49c0389a0edf706 (git) before 0ac07e476944a5e4c2b8b087dd167dec248c1bdf
affected

4249d6fbc10fd997abdf8a1ea49c0389a0edf706 (git) before 41434488ca714ab15cb2a4d0378418d1be8052d2
affected

4249d6fbc10fd997abdf8a1ea49c0389a0edf706 (git) before e72c963177c708a167a7e17ed6c76320815157cf
affected

4249d6fbc10fd997abdf8a1ea49c0389a0edf706 (git) before 0dea2e0069a7e9aa034696f8065945b7be6dd6b7
affected

4249d6fbc10fd997abdf8a1ea49c0389a0edf706 (git) before e4f5ce990818d37930cd9fb0be29eee0553c59d9
affected

d55a236f1bab102e353ea5abb7b7b6ff7e847294 (git)
affected

8e275d3d5915a8f7db3786e3f84534bb48245f4c (git)
affected

3680a6ff9a9ccd3c664663da04bef2534397d591 (git)
affected

d654be97e1b679616e3337b871a9ec8f31a88841 (git)
affected

8bdef7f21cb6e53c0ce3e1cbcb05975aa0dd0fe9 (git)
affected

77d7f071883cf2921a7547f82e41f15f7f860e35 (git)
affected

a55093941e38113dd6f5f5d5d2705fec3018f332 (git)
affected

Default status
affected

5.14
affected

Any version before 5.14
unaffected

5.10.247 (semver)
unaffected

5.15.197 (semver)
unaffected

6.1.159 (semver)
unaffected

6.6.119 (semver)
unaffected

6.12.61 (semver)
unaffected

6.17.11 (semver)
unaffected

6.18 (original_commit_for_fix)
unaffected

References

git.kernel.org/...c/a9985a88b2fc29fbe1657fe8518908e261d6889c

git.kernel.org/...c/5a1628283cd9dccf1e44acfb74e77504f4dc7472

git.kernel.org/...c/0ac07e476944a5e4c2b8b087dd167dec248c1bdf

git.kernel.org/...c/41434488ca714ab15cb2a4d0378418d1be8052d2

git.kernel.org/...c/e72c963177c708a167a7e17ed6c76320815157cf

git.kernel.org/...c/0dea2e0069a7e9aa034696f8065945b7be6dd6b7

git.kernel.org/...c/e4f5ce990818d37930cd9fb0be29eee0553c59d9

cve.org (CVE-2025-68289)

nvd.nist.gov (CVE-2025-68289)

Download JSON

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.