Linux · Linux Kernel · CVE-2022-49398
**Name of the Vulnerable Software and Affected Versions**
Linux kernel (affected versions not specified)
**Description**
A vulnerability in the Linux kernel has been resolved. The issue occurs when the `list for each entry safe()` macro is used with gadget giveback, allowing other routines to execute while items are being removed from the `cancelled list`. This can lead to a situation where a request is referenced after it has been removed, causing a panic when list debug is enabled. The vulnerability is related to the `dwc3 gadget ep cleanup cancelled requests()` function and the `dwc3 gadget giveback()` function.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.