CVE-2025-40095

*** Pendiente de traducción *** In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> usb: gadget: f_rndis: Refactor bind path to use __free()<br /> <br /> After an bind/unbind cycle, the rndis-&gt;notify_req is left stale. If a<br /> subsequent bind fails, the unified error label attempts to free this<br /> stale request, leading to a NULL pointer dereference when accessing<br /> ep-&gt;ops-&gt;free_request.<br /> <br /> Refactor the error handling in the bind path to use the __free()<br /> automatic cleanup mechanism.