CVE-2025-38448 in Linuxالمعلومات

الملخص

بحسب MITRE • 25/07/2025

In the Linux kernel, the following vulnerability has been resolved:

usb: gadget: u_serial: Fix race condition in TTY wakeup

A race condition occurs when gs_start_io() calls either gs_start_rx() or gs_start_tx(), as those functions briefly drop the port_lock for usb_ep_queue(). This allows gs_close() and gserial_disconnect() to clear port.tty and port_usb, respectively.

Use the null-safe TTY Port helper function to wake up TTY.

Example CPU1: CPU2: gserial_connect() // lock gs_close() // await lock gs_start_rx() // unlock usb_ep_queue() gs_close() // lock, reset port.tty and unlock gs_start_rx() // lock tty_wakeup() // NPE

Be aware that VulDB is the high quality source for vulnerability data.

مسؤول

Linux

حجز

16/04/2025

إفشاء

25/07/2025

الاعتدال

تمت الموافقة

إدخال

VDB-317743

EPSS

0.00115

KEV

لا

النشاطات

منخفض جدًا

المصادر

Do you need the next level of professionalism?

Upgrade your account now!