CVE-2025-38474

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2025-38474
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38474.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-38474
Downstream
Related
Published
2025-07-28T11:21:35.570Z
Modified
2026-03-12T02:15:32.286472Z
Summary
usb: net: sierra: check for no status endpoint
Details

In the Linux kernel, the following vulnerability has been resolved:

usb: net: sierra: check for no status endpoint

The driver checks for having three endpoints and having bulk in and out endpoints, but not that the third endpoint is interrupt input. Rectify the omission.

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38474.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
eb4fd8cd355c8ec425a12ec6cbdac614e8a4819d
Fixed
0a263ccb905b4ae2af381cd4280bd8d2477b98b8
Fixed
5408cc668e596c81cdd29e137225432aa40d1785
Fixed
a6a238c4126eb3ddb495d3f960193ca5bb778d92
Fixed
5849980faea1c792d1d5e54fdbf1e69ac0a9bfb9
Fixed
5dd6a441748dad2f02e27b256984ca0b2d4546b6
Fixed
65c666aff44eb7f9079c55331abd9687fb77ba2d
Fixed
bfe8ef373986e8f185d3d6613eb1801a8749837a
Fixed
4c4ca3c46167518f8534ed70f6e3b4bf86c4d158

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38474.json"