CVE-2026-43421

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
08/05/2026
Last modified:
08/05/2026

Description

In the Linux kernel, the following vulnerability has been resolved:

usb: gadget: f_ncm: Fix net_device lifecycle with device_move

The network device outlived its parent gadget device during disconnection, resulting in dangling sysfs links and null pointer dereference problems.

A prior attempt to solve this by removing SET_NETDEV_DEV entirely [1] was reverted due to power management ordering concerns and a NO-CARRIER regression.

A subsequent attempt to defer net_device allocation to bind [2] broke 1:1 mapping between function instance and network device, making it impossible for configfs to report the resolved interface name. This results in a regression where the DHCP server fails on pmOS.

Use device_move to reparent the net_device between the gadget device and /sys/devices/virtual/ across bind/unbind cycles. This preserves the network interface across USB reconnection, allowing the DHCP server to retain their binding.

Introduce gether_attach_gadget()/gether_detach_gadget() helpers and use __free(detach_gadget) macro to undo attachment on bind failure. The bind_count ensures device_move executes only on the first bind.

[1] https://lore.kernel.org/lkml/f2a4f9847617a0929d62025748384092e5f35cce.camel@crapouillou.net/
[2] https://lore.kernel.org/linux-usb/795ea759-7eaf-4f78-81f4-01ffbf2d7961@ixit.cz/

Impact