CVE-2025-38448

MEDIUM EPSS 1.8%
Published Jul 25, 202511mo ago · Modified Jun 17, 20261w ago
4.7 CVSS 3.1
Medium
Find Similar
Published Jul 25, 2025 11mo ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: u_serial: Fix race condition in TTY wakeup A race condition occurs when gs_start_io() calls either gs_start_rx() or gs_start_tx(), as those functions briefly drop the port_lock for usb_ep_queue(). This allows gs_close() and gserial_disconnect() to clear port.tty and port_usb, respectively. Use the null-safe TTY Port helper function to wake up TTY. Example CPU1: CPU2: gserial_connect() // lock gs_close() // await lock gs_start_rx() // unlock usb_ep_queue() gs_close() // lock, reset port.tty and unlock gs_start_rx() // lock tty_wakeup() // NPE

CVSS Details

Base Score
4.7
Exploitability
1.0
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity High
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
1.8% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-362

Affected Products 12

VendorProductVersionRange
linuxlinux_kernel*≥3.5  –  <5.4.296
linuxlinux_kernel*≥5.5  –  <5.10.240
linuxlinux_kernel*≥5.11  –  <5.15.189
linuxlinux_kernel*≥5.16  –  <6.1.146
linuxlinux_kernel*≥6.2  –  <6.6.99
linuxlinux_kernel*≥6.7  –  <6.12.39
linuxlinux_kernel*≥6.13  –  <6.15.7
linuxlinux_kernel6.16any
linuxlinux_kernel6.16any
linuxlinux_kernel6.16any
linuxlinux_kernel6.16any
debiandebian_linux11.0any

References 10

  • git.kernel.org https://git.kernel.org/stable/c/18d58a467ccf011078352d91b4d6a0108c7318e8
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a5012673d49788f16bb4e375b002d7743eb642d9
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/abf3620cba68e0e51e5c21054ce4f925f75b3661
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c529c3730bd09115684644e26bf01ecbd7e2c2c9
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c6eb4a05af3d0ba3bc4e8159287722fb9abc6359
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c8c80a3a35c2e3488409de2d5376ef7e662a2bf5
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d43657b59f36e88289a6066f15bc9a80df5014eb
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ee8d688e2ba558f3bb8ac225113740be5f335417
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
    Third Party Advisory
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
    Third Party Advisory

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/18d58a467ccf011078352d91b4d6a0108c7318e8
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a5012673d49788f16bb4e375b002d7743eb642d9
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/abf3620cba68e0e51e5c21054ce4f925f75b3661
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c529c3730bd09115684644e26bf01ecbd7e2c2c9
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c6eb4a05af3d0ba3bc4e8159287722fb9abc6359
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c8c80a3a35c2e3488409de2d5376ef7e662a2bf5
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d43657b59f36e88289a6066f15bc9a80df5014eb
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ee8d688e2ba558f3bb8ac225113740be5f335417
    Patch