CVE-2025-38474

Summary

In the Linux kernel, the following vulnerability has been resolved:

usb: net: sierra: check for no status endpoint

The driver checks for having three endpoints and having bulk in and out endpoints, but not that the third endpoint is interrupt input. Rectify the omission.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxeb4fd8cd355c8ec425a12ec6cbdac614e8a4819d < 0a263ccb905b4ae2af381cd4280bd8d2477b98b8affected
LinuxLinuxeb4fd8cd355c8ec425a12ec6cbdac614e8a4819d < 5408cc668e596c81cdd29e137225432aa40d1785affected
LinuxLinuxeb4fd8cd355c8ec425a12ec6cbdac614e8a4819d < a6a238c4126eb3ddb495d3f960193ca5bb778d92affected
LinuxLinuxeb4fd8cd355c8ec425a12ec6cbdac614e8a4819d < 5849980faea1c792d1d5e54fdbf1e69ac0a9bfb9affected
LinuxLinuxeb4fd8cd355c8ec425a12ec6cbdac614e8a4819d < 5dd6a441748dad2f02e27b256984ca0b2d4546b6affected
LinuxLinuxeb4fd8cd355c8ec425a12ec6cbdac614e8a4819d < 65c666aff44eb7f9079c55331abd9687fb77ba2daffected
LinuxLinuxeb4fd8cd355c8ec425a12ec6cbdac614e8a4819d < bfe8ef373986e8f185d3d6613eb1801a8749837aaffected
LinuxLinuxeb4fd8cd355c8ec425a12ec6cbdac614e8a4819d < 4c4ca3c46167518f8534ed70f6e3b4bf86c4d158affected
LinuxLinux2.6.34affected
LinuxLinux0 < 2.6.34unaffected
LinuxLinux5.4.297 <= 5.4.*unaffected
LinuxLinux5.10.241 <= 5.10.*unaffected
LinuxLinux5.15.190 <= 5.15.*unaffected
LinuxLinux6.1.147 <= 6.1.*unaffected
LinuxLinux6.6.100 <= 6.6.*unaffected
LinuxLinux6.12.40 <= 6.12.*unaffected
LinuxLinux6.15.8 <= 6.15.*unaffected
LinuxLinux6.16 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References