CVE-2025-38535

Summary

In the Linux kernel, the following vulnerability has been resolved:

phy: tegra: xusb: Fix unbalanced regulator disable in UTMI PHY mode

When transitioning from USB_ROLE_DEVICE to USB_ROLE_NONE, the code assumed that the regulator should be disabled. However, if the regulator is marked as always-on, regulator_is_enabled() continues to return true, leading to an incorrect attempt to disable a regulator which is not enabled.

This can result in warnings such as:

[ 250.155624] WARNING: CPU: 1 PID: 7326 at drivers/regulator/core.c:3004 _regulator_disable+0xe4/0x1a0 [ 250.155652] unbalanced disables for VIN_SYS_5V0

To fix this, we move the regulator control logic into tegra186_xusb_padctl_id_override() function since it's directly related to the ID override state. The regulator is now only disabled when the role transitions from USB_ROLE_HOST to USB_ROLE_NONE, by checking the VBUS_ID register. This ensures that regulator enable/disable operations are properly balanced and only occur when actually transitioning to/from host mode.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux49d46e3c7e597e8b00c6fc16e6fd7a92044f4371 < ceb645ac6ce052609ee5c8f819a80e8881789b04affected
LinuxLinux49d46e3c7e597e8b00c6fc16e6fd7a92044f4371 < cdcb0ffd6448f6be898956913a42bd08e59fb2aeaffected
LinuxLinux49d46e3c7e597e8b00c6fc16e6fd7a92044f4371 < 1bb85b5c2bd43b687c3d54eb6328917f90dd38fcaffected
LinuxLinux49d46e3c7e597e8b00c6fc16e6fd7a92044f4371 < 5367cdeb75cb6c687ca468450bceb2602ab239d8affected
LinuxLinux49d46e3c7e597e8b00c6fc16e6fd7a92044f4371 < ec7f98ff05f0649af0adeb4808c7ba23d6111ef9affected
LinuxLinux49d46e3c7e597e8b00c6fc16e6fd7a92044f4371 < eaa420339658615d26c1cc95cd6cf720b9aebfcaaffected
LinuxLinux49d46e3c7e597e8b00c6fc16e6fd7a92044f4371 < cefc1caee9dd06c69e2d807edc5949b329f52b22affected
LinuxLinux5.7affected
LinuxLinux0 < 5.7unaffected
LinuxLinux5.10.241 <= 5.10.*unaffected
LinuxLinux5.15.190 <= 5.15.*unaffected
LinuxLinux6.1.147 <= 6.1.*unaffected
LinuxLinux6.6.100 <= 6.6.*unaffected
LinuxLinux6.12.40 <= 6.12.*unaffected
LinuxLinux6.15.8 <= 6.15.*unaffected
LinuxLinux6.16 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References