Main Vulnerability Database SB20250727101

SB20250727101 - Resource management error in Linux kernel usb chipidea driver

Published: July 27, 2025

Security Bulletin ID SB20250727101

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Resource management error (CVE-ID: CVE-2025-38376)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the udc_suspend() and udc_resume() functions in drivers/usb/chipidea/udc.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

https://git.kernel.org/stable/c/31a6afbe86e8e9deba9ab53876ec49eafc7fd901
https://git.kernel.org/stable/c/5fd585fedb79bac2af9976b0fa3ffa354f0cc0bb
https://git.kernel.org/stable/c/937f49be49d6ee696eb5457c21ff89c135c9b5ae
https://git.kernel.org/stable/c/c68a27bbebbdb4e0ccd45d4f0df7111a09ddac24