Upstream information
Description
In the Linux kernel, the following vulnerability has been resolved:most: usb: fix double free on late probe failure
The MOST subsystem has a non-standard registration function which frees
the interface on registration failures and on deregistration.
This unsurprisingly leads to bugs in the MOST drivers, and a couple of
recent changes turned a reference underflow and use-after-free in the
USB driver into several double free and a use-after-free on late probe
failures.
SUSE information
Overall state of this security issue: Does not affect SUSE products
SUSE Bugzilla entry: 1255154 [NEW] No SUSE Security Announcements cross referenced.SUSE Timeline for this CVE
CVE page created: Wed Dec 17 13:04:55 2025CVE page last modified: Wed Dec 17 13:04:55 2025