Description
In the Linux kernel, the following vulnerability has been resolved: usbnet: Prevents free active kevent The root cause of this issue are: 1. When probing the usbnet device, executing usbnet_link_change(dev, 0, 0); put the kevent work in global workqueue. However, the kevent has not yet been scheduled when the usbnet device is unregistered. Therefore, executing free_netdev() results in the "free active object (kevent)" error reported here. 2. Another factor is that when calling usbnet_disconnect()->unregister_netdev(), if the usbnet device is up, ndo_stop() is executed to cancel the kevent. However, because the device is not up, ndo_stop() is not executed. The solution to this problem is to cancel the kevent before executing free_netdev().
Product status
8b4588b8b00b299be16a35be67b331d8fdba03f3 (git) before 285d4b953f2ca03c358f986718dd89ee9bde632e
135199a2edd459d2b123144efcd7f9bcd95128e4 (git) before 88a38b135d69f5db9024ff6527232f1b51be8915
635fd8953e4309b54ca6a81bed1d4a87668694f4 (git) before 43005002b60ef3424719ecda16d124714b45da3b
a69e617e533edddf3fa3123149900f36e0a6dc74 (git) before 3a10619fdefd3051aeb14860e4d4335529b4e94d
a69e617e533edddf3fa3123149900f36e0a6dc74 (git) before 9a579d6a39513069d298eee70770bbac8a148565
a69e617e533edddf3fa3123149900f36e0a6dc74 (git) before 2ce1de32e05445d77fc056f6ff8339cfb78a5f84
a69e617e533edddf3fa3123149900f36e0a6dc74 (git) before 5158fb8da162e3982940f30cd01ed77bdf42c6fc
a69e617e533edddf3fa3123149900f36e0a6dc74 (git) before 420c84c330d1688b8c764479e5738bbdbf0a33de
d2d6b530d89b0a912148018027386aa049f0a309 (git)
e2a521a7dcc463c5017b4426ca0804e151faeff7 (git)
7f77dcbc030c2faa6d8e8a594985eeb34018409e (git)
d49bb8cf9bfaa06aa527eb30f1a52a071da2e32f (git)
db3b738ae5f726204876f4303c49cfdf4311403f (git)
6.0
Any version before 6.0
5.4.302 (semver)
5.10.247 (semver)
5.15.197 (semver)
6.1.159 (semver)
6.6.117 (semver)
6.12.58 (semver)
6.17.8 (semver)
6.18 (original_commit_for_fix)
References
git.kernel.org/...c/285d4b953f2ca03c358f986718dd89ee9bde632e
git.kernel.org/...c/88a38b135d69f5db9024ff6527232f1b51be8915
git.kernel.org/...c/43005002b60ef3424719ecda16d124714b45da3b
git.kernel.org/...c/3a10619fdefd3051aeb14860e4d4335529b4e94d
git.kernel.org/...c/9a579d6a39513069d298eee70770bbac8a148565
git.kernel.org/...c/2ce1de32e05445d77fc056f6ff8339cfb78a5f84
git.kernel.org/...c/5158fb8da162e3982940f30cd01ed77bdf42c6fc
git.kernel.org/...c/420c84c330d1688b8c764479e5738bbdbf0a33de
Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.
