Null Pointer Dereference Vulnerability in Linux Kernel Affected by USB Gadget
CVE-2025-37881

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
9 May 2025

What is CVE-2025-37881?

A vulnerability in the Linux kernel within the USB gadget subsystem has been identified, wherein a NULL pointer dereference can occur due to an unchecked variable returned by the devm_kasprintf() function. This issue arises in the ast_vhub_init_dev() function and could lead to unexpected behavior or system instability. To mitigate this risk, a pointer validity check has been introduced. This fix enhances device management security and prevents potential exploitation, following similar resolutions made for related vulnerabilities.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 7ecca2a4080cb6b1fa174adc588fce9e9014c43c

Linux 7ecca2a4080cb6b1fa174adc588fce9e9014c43c

Linux 7ecca2a4080cb6b1fa174adc588fce9e9014c43c

References

https://git.kernel.org/stable/c/a777ccfb9ba8d43f745e41b69...
https://git.kernel.org/stable/c/c8d4faf452a627f9b09c3a5c3...
https://git.kernel.org/stable/c/d26a6093d52904cacdbb75424...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.