CVE-2025-38448
Severity CVSS v4.0:
Pending analysis
Type:
CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Publication date:
25/07/2025
Last modified:
22/12/2025
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
usb: gadget: u_serial: Fix race condition in TTY wakeup<br />
<br />
A race condition occurs when gs_start_io() calls either gs_start_rx() or<br />
gs_start_tx(), as those functions briefly drop the port_lock for<br />
usb_ep_queue(). This allows gs_close() and gserial_disconnect() to clear<br />
port.tty and port_usb, respectively.<br />
<br />
Use the null-safe TTY Port helper function to wake up TTY.<br />
<br />
Example<br />
CPU1: CPU2:<br />
gserial_connect() // lock<br />
gs_close() // await lock<br />
gs_start_rx() // unlock<br />
usb_ep_queue()<br />
gs_close() // lock, reset port.tty and unlock<br />
gs_start_rx() // lock<br />
tty_wakeup() // NPE
Impact
Base Score 3.x
4.70
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 3.5 (including) | 5.4.296 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.5 (including) | 5.10.240 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.11 (including) | 5.15.189 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.16 (including) | 6.1.146 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.2 (including) | 6.6.99 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.7 (including) | 6.12.39 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.13 (including) | 6.15.7 (excluding) |
| cpe:2.3:o:linux:linux_kernel:6.16:rc1:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:6.16:rc2:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:6.16:rc3:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:6.16:rc4:*:*:*:*:*:* | ||
| cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/18d58a467ccf011078352d91b4d6a0108c7318e8
- https://git.kernel.org/stable/c/a5012673d49788f16bb4e375b002d7743eb642d9
- https://git.kernel.org/stable/c/abf3620cba68e0e51e5c21054ce4f925f75b3661
- https://git.kernel.org/stable/c/c529c3730bd09115684644e26bf01ecbd7e2c2c9
- https://git.kernel.org/stable/c/c6eb4a05af3d0ba3bc4e8159287722fb9abc6359
- https://git.kernel.org/stable/c/c8c80a3a35c2e3488409de2d5376ef7e662a2bf5
- https://git.kernel.org/stable/c/d43657b59f36e88289a6066f15bc9a80df5014eb
- https://git.kernel.org/stable/c/ee8d688e2ba558f3bb8ac225113740be5f335417
- https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
- https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html