CVE-2025-38497
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2025-38497
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38497.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-38497
- Downstream
- Related
- Published
- 2025-07-28T11:22:05.855Z
- Modified
- 2025-11-28T02:34:03.065113Z
- Summary
- usb: gadget: configfs: Fix OOB read on empty string write
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
usb: gadget: configfs: Fix OOB read on empty string write
When writing an empty string to either 'qw_sign' or 'landingPage' sysfs attributes, the store functions attempt to access page[l - 1] before validating that the length 'l' is greater than zero.
This patch fixes the vulnerability by adding a check at the beginning of osdescqwsignstore() and webusblandingPagestore() to handle the zero-length input case gracefully by returning immediately.
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38497.json" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/15a87206879951712915c03c8952a73d6a74721e
- https://git.kernel.org/stable/c/22b7897c289cc25d99c603f5144096142a30d897
- https://git.kernel.org/stable/c/2798111f8e504ac747cce911226135d50b8de468
- https://git.kernel.org/stable/c/3014168731b7930300aab656085af784edc861f6
- https://git.kernel.org/stable/c/58bdd5160184645771553ea732da5c2887fc9bd1
- https://git.kernel.org/stable/c/783ea37b237a9b524f1e5ca018ea17d772ee0ea0
- https://git.kernel.org/stable/c/78b41148cfea2a3f04d87adf3a71b21735820a37
- https://git.kernel.org/stable/c/d68b7c8fefbaeae8f065b84e40cf64baf4cc0c76
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38497.json
- https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
- https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
- https://nvd.nist.gov/vuln/detail/CVE-2025-38497
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced1da177e4c3f41524e886b7f1b8a0c1fc7321cac2Fixed78b41148cfea2a3f04d87adf3a71b21735820a37Fixedd68b7c8fefbaeae8f065b84e40cf64baf4cc0c76Fixed15a87206879951712915c03c8952a73d6a74721eFixed2798111f8e504ac747cce911226135d50b8de468Fixed58bdd5160184645771553ea732da5c2887fc9bd1Fixed783ea37b237a9b524f1e5ca018ea17d772ee0ea0Fixed22b7897c289cc25d99c603f5144096142a30d897Fixed3014168731b7930300aab656085af784edc861f6
Linux / Kernel
Package
- Name
- Kernel
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.4.297
- Type
- ECOSYSTEM
- Events
-
Introduced5.5.0Fixed5.10.241
- Type
- ECOSYSTEM
- Events
-
Introduced5.11.0Fixed5.15.190
- Type
- ECOSYSTEM
- Events
-
Introduced5.16.0Fixed6.1.147
- Type
- ECOSYSTEM
- Events
-
Introduced6.2.0Fixed6.6.100
- Type
- ECOSYSTEM
- Events
-
Introduced6.7.0Fixed6.12.40
- Type
- ECOSYSTEM
- Events
-
Introduced6.13.0Fixed6.15.8