CVE-2025-21776

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to the fixed version

Description A vulnerability in the Linux kernel has been resolved, related to the USB hub driver. The issue occurs when a non-compliant device with multiple configurations or interfaces is connected, causing the usb hub to struct hub() function to dereference a NULL or inappropriate pointer. This can lead to a general protection fault. The problem arises because the hub driver binds to interface 1 instead of interface 0, which is where usb hub to struct hub() looks. The vulnerability can be prevented by refusing to accept hub devices that violate the USB specification.

Recommendations For Linux kernel versions prior to the fixed version, consider applying a patch that refuses to accept hub devices with more than one configuration or interface to prevent the problem from occurring. As a temporary workaround, consider disabling the usb hub adjust deviceremovable() function until a patch is available. Restrict access to the usb hub wq workqueue to minimize the risk of exploitation. Avoid using devices with multiple configurations or interfaces until the issue is resolved.