CVE-2025-37990

Source
https://nvd.nist.gov/vuln/detail/CVE-2025-37990
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-37990.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-37990
Downstream
Related
Published
2025-05-20T18:15:45Z
Modified
2025-08-13T00:00:21Z
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

wifi: brcm80211: fmac: Add error handling for brcmfusbdl_writeimage()

The function brcmfusbdlwriteimage() calls the function brcmfusbdlcmd() but dose not check its return value. The 'state.state' and the 'state.bytes' are uninitialized if the function brcmfusbdl_cmd() fails. It is dangerous to use uninitialized variables in the conditions.

Add error handling for brcmfusbdlcmd() to jump to error handling path if the brcmfusbdlcmd() fails and the 'state.state' and the 'state.bytes' are uninitialized.

Improve the error message to report more detailed error information.

References

Affected packages