CVE-2025-71145

Severity CVSS v4.0: Pending analysis
Type: Unavailable / Other
Publication date: 23/01/2026
Last modified: 23/01/2026

Description

In the Linux kernel, the following vulnerability has been resolved:

usb: phy: isp1301: fix non-OF device reference imbalance

A recent change fixing a device reference leak in a UDC driver introduced a potential use-after-free in the non-OF case as the isp1301_get_client() helper only increases the reference count for the returned I2C device in the OF case.

Increment the reference count also for non-OF so that the caller can decrement it unconditionally.

Note that this is inherently racy just as using the returned I2C device is since nothing is preventing the PHY driver from being unbound while in use.
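The reference imbalance described above, modelled in user-space C as an added example (not the kernel source or the upstream patch). `model_dev`, `model_get_client()` and `caller_roundtrip()` are hypothetical names, and the starting count of 1 is an assumption standing in for the reference that keeps the I2C device alive.

```c
#include <stdbool.h>
#include <stdio.h>

/* Constructed stand-in for a refcounted device (not a kernel type). */
struct model_dev {
    int refs;      /* references currently held */
    bool released; /* set when the last reference is dropped */
};

static void model_get(struct model_dev *d) { d->refs++; }
static void model_put(struct model_dev *d)
{
    if (--d->refs == 0)
        d->released = true; /* a real release callback would free here */
}

/*
 * Model of the lookup helper. OF case: the lookup takes a reference.
 * Non-OF case: a cached pointer is returned, and a reference is taken
 * only when 'fixed' is true.
 */
static struct model_dev *model_get_client(struct model_dev *d, bool of_case, bool fixed)
{
    if (of_case || fixed)
        model_get(d);
    return d;
}

/*
 * Caller that drops its reference unconditionally, as the description
 * says callers do. Returns true if the baseline reference survived.
 */
static bool caller_roundtrip(bool of_case, bool fixed)
{
    struct model_dev phy = { .refs = 1, .released = false }; /* assumed baseline */
    struct model_dev *c = model_get_client(&phy, of_case, fixed);

    model_put(c); /* unconditional put in the caller */
    return !phy.released && phy.refs == 1;
}

int main(void)
{
    printf("OF, unfixed:     %s\n", caller_roundtrip(true, false) ? "balanced" : "released early");
    printf("non-OF, unfixed: %s\n", caller_roundtrip(false, false) ? "balanced" : "released early");
    printf("non-OF, fixed:   %s\n", caller_roundtrip(false, true) ? "balanced" : "released early");
    return 0;
}
```

The model covers only the counting; it does not represent the unbind race that the description notes remains.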

Impact