CVE-2025-38474

Description

In the Linux kernel, the following vulnerability has been resolved: usb: net: sierra: check for no status endpoint The driver checks for having three endpoints and having bulk in and out endpoints, but not that the third endpoint is interrupt input. Rectify the omission.

Reserved 2025-04-16 | Published 2025-07-28 | Updated 2025-07-28 | Assigner Linux

Product status

Default status
unaffected

eb4fd8cd355c8ec425a12ec6cbdac614e8a4819d before 5849980faea1c792d1d5e54fdbf1e69ac0a9bfb9
affected

eb4fd8cd355c8ec425a12ec6cbdac614e8a4819d before 5dd6a441748dad2f02e27b256984ca0b2d4546b6
affected

eb4fd8cd355c8ec425a12ec6cbdac614e8a4819d before 65c666aff44eb7f9079c55331abd9687fb77ba2d
affected

eb4fd8cd355c8ec425a12ec6cbdac614e8a4819d before bfe8ef373986e8f185d3d6613eb1801a8749837a
affected

eb4fd8cd355c8ec425a12ec6cbdac614e8a4819d before 4c4ca3c46167518f8534ed70f6e3b4bf86c4d158
affected

Default status
affected

2.6.34
affected

Any version before 2.6.34
unaffected

6.1.147
unaffected

6.6.100
unaffected

6.12.40
unaffected

6.15.8
unaffected

6.16
unaffected

References

git.kernel.org/...c/5849980faea1c792d1d5e54fdbf1e69ac0a9bfb9

git.kernel.org/...c/5dd6a441748dad2f02e27b256984ca0b2d4546b6

git.kernel.org/...c/65c666aff44eb7f9079c55331abd9687fb77ba2d

git.kernel.org/...c/bfe8ef373986e8f185d3d6613eb1801a8749837a

git.kernel.org/...c/4c4ca3c46167518f8534ed70f6e3b4bf86c4d158

cve.org (CVE-2025-38474)

nvd.nist.gov (CVE-2025-38474)

Download JSON