CVE-2025-37990

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2025-37990

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-37990.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2025-37990

Downstream

BELL-CVE-2025-37990

DEBIAN-CVE-2025-37990

DLA-4271-1

DSA-5925-1

ECHO-ba1e-3fa1-f5dc

OESA-2025-2120

OESA-2025-2121

OESA-2025-2122

SUSE-SU-2025:01964-1

SUSE-SU-2025:01965-1

SUSE-SU-2025:02923-1

UBUNTU-CVE-2025-37990

USN-7649-1

USN-7649-2

USN-7650-1

USN-7654-1

USN-7654-2

USN-7654-3

USN-7654-4

USN-7654-5

USN-7655-1

USN-7665-1

USN-7665-2

USN-7686-1

USN-7711-1

USN-7712-1

USN-7712-2

USN-7721-1

Related

Published

2025-05-20T18:15:45Z

Modified

2025-08-13T00:00:21Z

Summary

[none]

Details

In the Linux kernel, the following vulnerability has been resolved:

wifi: brcm80211: fmac: Add error handling for brcmfusbdl_writeimage()

The function brcmfusbdlwriteimage() calls the function brcmfusbdlcmd() but dose not check its return value. The 'state.state' and the 'state.bytes' are uninitialized if the function brcmfusbdl_cmd() fails. It is dangerous to use uninitialized variables in the conditions.

Add error handling for brcmfusbdlcmd() to jump to error handling path if the brcmfusbdlcmd() fails and the 'state.state' and the 'state.bytes' are uninitialized.

Improve the error message to report more detailed error information.

References

Affected packages