Linux Kernel DWC2 USB Driver Memory Leak Vulnerability

Vulnerability

A memory leak vulnerability has been identified in the Linux kernel's DWC2 USB driver. The issue arises in the 'dwc2_hcd_init' function, where memory is allocated for the host controller driver (HCD). If 'platform_get_resource()' fails, the allocated memory is not properly freed, leading to a memory leak. The vulnerability has been addressed by modifying the error handling to ensure that the memory is released appropriately.

Impact

Exploitation of this vulnerability could lead to a memory leak, causing increased memory usage and potentially leading to a denial-of-service condition.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel DWC2 USB Driver Memory Leak Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating