CVE-2025-22050

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> usbnet:fix NPE during rx_complete<br /> <br /> Missing usbnet_going_away Check in Critical Path.<br /> The usb_submit_urb function lacks a usbnet_going_away<br /> validation, whereas __usbnet_queue_skb includes this check.<br /> <br /> This inconsistency creates a race condition where:<br /> A URB request may succeed, but the corresponding SKB data<br /> fails to be queued.<br /> <br /> Subsequent processes:<br /> (e.g., rx_complete → defer_bh → __skb_unlink(skb, list))<br /> attempt to access skb-&gt;next, triggering a NULL pointer<br /> dereference (Kernel Panic).