Improper error handling in Linux kernel brcm80211 brcmfmac driver

1) Improper error handling

EUVDB-ID: #VU109545

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-37990

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the brcmf_usb_dl_writeimage() function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/usb.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Linux kernel: 6.14 - 6.14.5

CPE2.3

• cpe:2.3:o:linux_foundation:linux_kernel:6.14:*:*:*:*:*:*:*
• cpe:2.3:o:linux_foundation:linux_kernel:6.14.1:*:*:*:*:*:*:*
• cpe:2.3:o:linux_foundation:linux_kernel:6.14.2:*:*:*:*:*:*:*
• cpe:2.3:o:linux_foundation:linux_kernel:6.14.3:*:*:*:*:*:*:*
• cpe:2.3:o:linux_foundation:linux_kernel:6.14.4:*:*:*:*:*:*:*
• cpe:2.3:o:linux_foundation:linux_kernel:6.14.5:*:*:*:*:*:*:*

External links

https://git.kernel.org/stable/c/08424a0922fb9e32a19b09d852ee87fb6c497538
https://git.kernel.org/stable/c/508be7c001437bacad7b9a43f08a723887bcd1ea
https://git.kernel.org/stable/c/524b70441baba453b193c418e3142bd31059cc1f
https://git.kernel.org/stable/c/8e089e7b585d95122c8122d732d1d5ef8f879396
https://git.kernel.org/stable/c/bdb435ef9815b1ae28eefffa01c6959d0fcf1fa7
https://git.kernel.org/stable/c/fa9b9f02212574ee1867fbefb0a675362a71b31d
https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.14.6

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.