Network Vulnerability in LAN78XX USB Driver by Linux Kernel
CVE-2025-38385

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 25 July 2025

What is CVE-2025-38385?

A vulnerability in the LAN78XX USB driver within the Linux kernel can lead to a warning during the device disconnect process. This warning occurs due to the redundant call of netif_napi_del() while NAPI is still enabled, which is unnecessary as the unregister_netdev() function manages the NAPI teardown safely. This issue raises alerts without any functional impact on the device, but rectifying it prevents undesired warnings that may obscure other critical notifications in the system logs.

Affected Version(s)

Linux ec4c7e12396b1a30fbacfa68425118f5b46ea878 < 7135056a49035597198280820c61b8c5dbe4a1d0

Linux ec4c7e12396b1a30fbacfa68425118f5b46ea878 < 968a419c95131e420f12bbdba19e96e2f6b071c4

Linux ec4c7e12396b1a30fbacfa68425118f5b46ea878 < 510a6095d754df9d727f644ec5076b7929d6c9ea

References

https://git.kernel.org/stable/c/7135056a49035597198280820...

https://git.kernel.org/stable/c/968a419c95131e420f12bbdba...

https://git.kernel.org/stable/c/510a6095d754df9d727f644ec...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 25, 2025
Vulnerability Reserved
Apr 16, 2025