CVE-2025-37811

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2025-37811

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-37811.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-37811

Downstream

BELL-CVE-2025-37811

DEBIAN-CVE-2025-37811

DLA-4193-1

ECHO-c412-7d9c-4a7e

MINI-cx5r-5fg9-f96q

OESA-2025-1511

OESA-2025-1512

ROOT-OS-DEBIAN-12-CVE-2025-37811

ROOT-OS-UBUNTU-2204-CVE-2025-37811

ROOT-OS-UBUNTU-2404-CVE-2025-37811

SUSE-SU-2025:02249-1

SUSE-SU-2025:02254-1

SUSE-SU-2025:02307-1

SUSE-SU-2025:02333-1

SUSE-SU-2025:02335-1

SUSE-SU-2025:02538-1

SUSE-SU-2025:02923-1

SUSE-SU-2025:20475-1

SUSE-SU-2025:20483-1

SUSE-SU-2025:20493-1

SUSE-SU-2025:20498-1

Related

Published

2025-05-08T06:26:08.746Z

Modified

2026-03-23T05:01:59.293361409Z

Summary

usb: chipidea: ci_hdrc_imx: fix usbmisc handling

Details

In the Linux kernel, the following vulnerability has been resolved:

usb: chipidea: cihdrcimx: fix usbmisc handling

usbmisc is an optional device property so it is totally valid for the corresponding data->usbmisc_data to have a NULL value.

Check that before dereferencing the pointer.

Found by Linux Verification Center (linuxtesting.org) with Svace static analysis tool.

Database specific

{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/37xxx/CVE-2025-37811.json",
    "cna_assigner": "Linux"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

3f46fefab962fc5dcfe4d53a7c2cdccd51ebdc6d

Fixed

8060b719676e8c0e5a2222c2977ba0458d9d9535

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

7ae96eba35036bdd47ecd956e882ff057a550405

Fixed

0ee460498ced49196149197c9f6d29a10e5e0798

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

dcd4de31bd01a7189c24e3cafe40649c9c42b9af

Fixed

121e9f80ea5478bca3a8f3f26593fd66f87da649

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

57797497a696cffaea421fc4e5a3ea2a8536b1a2

Fixed

887902ca73490f38c69fd6149ef361a041cf912f

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

74adad500346fb07d69af2c79acbff4adb061134

Fixed

2aa87bd825377f5073b76701780a902cd0fc725a

Fixed

4e28f79e3dffa52d327b46d1a78dac16efb5810b

Affected versions

v5.*

v5.15.179

v5.15.180

v6.*

v6.1.129

v6.1.130

v6.1.131

v6.1.132

v6.1.133

v6.1.134

v6.1.135

v6.12.10

v6.12.11

v6.12.12

v6.12.13

v6.12.14

v6.12.15

v6.12.16

v6.12.17

v6.12.18

v6.12.19

v6.12.20

v6.12.21

v6.12.22

v6.12.23

v6.12.24

v6.12.25

v6.13

v6.13-rc5

v6.13-rc6

v6.13-rc7

v6.14

v6.14-rc1

v6.14-rc2

v6.14-rc3

v6.14-rc4

v6.14-rc5

v6.14-rc6

v6.14-rc7

v6.14.1

v6.14.2

v6.14.3

v6.14.4

v6.15-rc1

v6.6.72

v6.6.73

v6.6.74

v6.6.75

v6.6.76

v6.6.77

v6.6.78

v6.6.79

v6.6.80

v6.6.81

v6.6.82

v6.6.83

v6.6.84

v6.6.85

v6.6.86

v6.6.87

v6.6.88

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-37811.json"