CVE-2025-38448
Published: Jul 25, 2025
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: u_serial: Fix race condition in TTY wakeup A race condition occurs when gs_start_io() calls either gs_start_rx() or gs_start_tx(), as those functions briefly drop the port_lock for usb_ep_queue(). This allows gs_close() and gserial_disconnect() to clear port.tty and port_usb, respectively. Use the null-safe TTY Port helper function to wake up TTY. Example CPU1: CPU2: gserial_connect() // lock gs_close() // await lock gs_start_rx() // unlock usb_ep_queue() gs_close() // lock, reset port.tty and unlock gs_start_rx() // lock tty_wakeup() // NPE
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 35f95fd7f234d2b58803bab6f6ebd6bb988050a2 - < 18d58a467ccf011078352d91b4d6a0108c7318e8affected 35f95fd7f234d2b58803bab6f6ebd6bb988050a2 - < d43657b59f36e88289a6066f15bc9a80df5014ebaffected 35f95fd7f234d2b58803bab6f6ebd6bb988050a2 - < a5012673d49788f16bb4e375b002d7743eb642d9affected 35f95fd7f234d2b58803bab6f6ebd6bb988050a2 - < ee8d688e2ba558f3bb8ac225113740be5f335417affected 35f95fd7f234d2b58803bab6f6ebd6bb988050a2 - < c6eb4a05af3d0ba3bc4e8159287722fb9abc6359+3 more versions |
Linux | Linux | affected 3.5unaffected 0 - < 3.5unaffected 5.4.296 - <= 5.4.*unaffected 5.10.240 - <= 5.10.*unaffected 5.15.189 - <= 5.15.*+5 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now