CVE-2025-21918

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2025-21918

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-21918.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2025-21918

Downstream

BELL-CVE-2025-21918

DEBIAN-CVE-2025-21918

DLA-4193-1

DSA-5900-1

MINI-xh7m-x47f-vqm6

OESA-2025-1572

OESA-2025-1573

SUSE-SU-2025:01707-1

SUSE-SU-2025:01919-1

SUSE-SU-2025:01951-1

SUSE-SU-2025:01964-1

SUSE-SU-2025:01967-1

UBUNTU-CVE-2025-21918

USN-7605-1

USN-7605-2

USN-7606-1

USN-7628-1

USN-7764-1

USN-7764-2

USN-7765-1

USN-7766-1

USN-7767-1

USN-7767-2

USN-7779-1

USN-7790-1

USN-7800-1

USN-7801-1

USN-7801-2

USN-7802-1

Related

Published

2025-04-01T16:15:22Z

Modified

2025-10-01T20:18:33Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

In the Linux kernel, the following vulnerability has been resolved:

usb: typec: ucsi: Fix NULL pointer access

Resources should be released only after all threads that utilize them have been destroyed. This commit ensures that resources are not released prematurely by waiting for the associated workqueue to complete before deallocating them.

References

Affected packages