CVE-2025-21838

devicedel() can lead to new work being scheduled in gadget->work workqueue. This is observed, for example, with the dwc3 driver with the following call stack: devicedel() gadgetunbinddriver() usbgadgetdisconnectlocked() dwc3gadgetpullup() dwc3gadgetsoftdisconnect() usbgadgetsetstate() schedulework(&gadget->work)

Move flushwork() after devicedel() to ensure the workqueue is cleaned up.

Database specific

{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/21xxx/CVE-2025-21838.json",
    "cna_assigner": "Linux"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

5702f75375aa9ecf8ad3431aef3fe6ce8c8dbd15

Fixed

e3bc1a9a67ce33a2e761e6e7b7c2afc6cb9b7266

Fixed

859cb45aefa6de823b2fa7f229fe6d9562c9f3b7

Fixed

f894448f3904d7ad66fecef8f01fe0172629e091

Fixed

97695b5a1b5467a4f91194db12160f56da445dfe

Fixed

399a45e5237ca14037120b1b895bd38a3b4492ea

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-21838.json"

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

3.12.0

Fixed

6.1.130

Type: ECOSYSTEM
Events: Introduced

6.2.0

Fixed

6.6.80

Type: ECOSYSTEM
Events: Introduced

6.7.0

Fixed

6.12.16

Type: ECOSYSTEM
Events: Introduced

6.13.0

Fixed

6.13.4

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-21838.json"