CVE-2025-71154

medium

Description

In the Linux kernel, the following vulnerability has been resolved: net: usb: rtl8150: fix memory leak on usb_submit_urb() failure In async_set_registers(), when usb_submit_urb() fails, the allocated async_req structure and URB are not freed, causing a memory leak. The completion callback async_set_reg_cb() is responsible for freeing these allocations, but it is only called after the URB is successfully submitted and completes (successfully or with error). If submission fails, the callback never runs and the memory is leaked. Fix this by freeing both the URB and the request structure in the error path when usb_submit_urb() fails.

References

https://git.kernel.org/stable/c/db2244c580540306d60ce783ed340190720cd429

https://git.kernel.org/stable/c/a4e2442d3c48355a84463342f397134f149936d7

https://git.kernel.org/stable/c/6492ad6439ff1a479fc94dc6052df3628faed8b6

https://git.kernel.org/stable/c/4bd4ea3eb326608ffc296db12c105f92dc2f2190

https://git.kernel.org/stable/c/2f966186b99550e3c665dbfb87b8314e30acea02

https://git.kernel.org/stable/c/151403e903840c9cf06754097b6732c14f26c532

https://git.kernel.org/stable/c/12cab1191d9890097171156d06bfa8d31f1e39c8

Details

Source: Mitre, NVD

Published: 2026-01-23

Updated: 2026-01-23

Risk Information

CVSS v2

Base Score: 4.9

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: Medium

EPSS

EPSS: 0.00024