CVE-2026-43421
MediumCVSS 5.5Exploitation Probability (EPSS)
Low risk3th percentile - higher than 3% of all known CVEs
Summary
A vulnerability in the Linux kernel related to the lifecycle of the network device has been fixed, where the network device outlived its parent gadget device during disconnection, leading to sysfs link issues and null pointer dereference problems.
Risk Assessment
Organizations may experience issues with DHCP server functionality on pmOS-based systems, potentially disrupting network communication.
Recommendation
It is recommended to update the Linux kernel to the latest version to eliminate this vulnerability and ensure proper operation of network devices during disconnect and reconnect cycles.
Original NVD description (English source)
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_ncm: Fix net_device lifecycle with device_move The network device outlived its parent gadget device during disconnection, resulting in dangling sysfs links and null pointer dereference problems. A prior attempt to solve this by removing SET_NETDEV_DEV entirely [1] was reverted due to power management ordering concerns and a NO-CARRIER regression. A subsequent attempt to defer net_device allocation to bind [2] broke 1:1 mapping between function instance and network device, making it impossible for configfs to report the resolved interface name. This results in a regression where the DHCP server fails on pmOS. Use device_move to reparent the net_device between the gadget device and /sys/devices/virtual/ across bind/unbind cycles. This preserves the network interface across USB reconnection, allowing the DHCP server to retain their binding. Introduce gether_attach_gadget()/gether_detach_gadget() helpers and use __free(detach_gadget) macro to undo attachment on bind failure. The bind_count ensures device_move executes only on the first bind. [1] https://lore.kernel.org/lkml/[email protected]/ [2] https://lore.kernel.org/linux-usb/[email protected]/

