Race Condition in TTY Wakeup in Linux Kernel USB Gadget
CVE-2025-38448

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 25 July 2025

What is CVE-2025-38448?

In the Linux kernel, a vulnerability has been identified in the USB gadget subsystem, specifically in the TTY wakeup process. This issue arises from a race condition during the execution of gs_start_io() which interacts with gs_start_rx() or gs_start_tx(). The port_lock is briefly released, allowing operations such as gs_close() and gserial_disconnect() to invalidate the TTY's port context. Utilizing a null-safe TTY Port helper function is recommended for synchronizing TTY wakeup, thereby preventing potential null pointer exceptions.

Affected Version(s)

Linux 35f95fd7f234d2b58803bab6f6ebd6bb988050a2 < 18d58a467ccf011078352d91b4d6a0108c7318e8

Linux 35f95fd7f234d2b58803bab6f6ebd6bb988050a2

References

https://git.kernel.org/stable/c/18d58a467ccf011078352d91b...

https://git.kernel.org/stable/c/d43657b59f36e88289a6066f1...

https://git.kernel.org/stable/c/a5012673d49788f16bb4e375b...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 25, 2025
Vulnerability Reserved
Apr 16, 2025