Linux Kernel Vulnerability in CXUSB Media Driver by Linux Foundation
CVE-2025-38229

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
4 July 2025

What is CVE-2025-38229?

A vulnerability has been identified in the CXUSB media driver within the Linux kernel. This issue arises during the USB bulk message write operation, where certain conditions lead to an uninitialized variable. Specifically, when the write operation of usb_bulk_msg() fails and the operation returns a length (rlen) of 1, the subsequent read operation from the device does not occur. Consequently, a critical variable, i, is not initialized, which can result in unreliable behavior and potential security risks in systems utilizing this driver.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 22c6d93a73105fddd58796d7cb10f5f90ee2a338 < 77829a5f5a74026b888b0529628475b29750cef4

Linux 22c6d93a73105fddd58796d7cb10f5f90ee2a338 < 390b864e3281802109dfe56e508396683e125653

Linux 22c6d93a73105fddd58796d7cb10f5f90ee2a338 < 41807a5f67420464ac8ee7741504f6b5decb3b7c

References

https://git.kernel.org/stable/c/77829a5f5a74026b888b05296...
https://git.kernel.org/stable/c/390b864e3281802109dfe56e5...
https://git.kernel.org/stable/c/41807a5f67420464ac8ee7741...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.