In the Linux kernel, the following vulnerability has been resolved: usb: core: Prevent null pointer dereference in updateportdevicestate Currently, the function updateportdevicestate gets the usbhub from udev->parent by calling usbhubtostructhub. However, in case the actconfig or the maxchild is 0, the usbhub would be NULL and upon further accessing to get portdev would result in null pointer dereference. Fix this by introducing an if check after the usbhub is populated.