CVE-2025-38134
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2025-38134
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-38134.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2025-38134
- Downstream
- Published
- 2025-07-03T08:35:37.674Z
- Modified
- 2025-11-20T09:00:19.758192Z
- Summary
- usb: acpi: Prevent null pointer dereference in usb_acpi_add_usb4_devlink()
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
usb: acpi: Prevent null pointer dereference in usbacpiaddusb4devlink()
As demonstrated by the fix for updateportdevicestate, commit 12783c0b9e2c ("usb: core: Prevent null pointer dereference in updateportdevicestate"), usbhubtostructhub() can return NULL in certain scenarios, such as during hub driver unbind or teardown race conditions, even if the underlying usb_device structure exists.
Plus, all other places that call usbhubtostructhub() in the same file do check for NULL return values.
If usbhubtostructhub() returns NULL, the subsequent access to hub->ports[udev->portnum - 1] will cause a null pointer dereference.
- References
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedf1bfb4a6fed64de1771b43a76631942279851744Fixed8fa544bff8466062e42949c93f3e528f4be5624b
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedf1bfb4a6fed64de1771b43a76631942279851744Fixede3d530173b70514d4390a94f9f979acad689b70a
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedf1bfb4a6fed64de1771b43a76631942279851744Fixed73fb0ec9436ae87bcae067ce35d6cdd72bade86c
Affected versions
v6.*
v6.11
v6.11-rc7
v6.12
v6.12-rc1
v6.12-rc2
v6.12-rc3
v6.12-rc4
v6.12-rc5
v6.12-rc6
v6.12-rc7
v6.12.1
v6.12.10
v6.12.11
v6.12.12
v6.12.13
v6.12.14
v6.12.15
v6.12.16
v6.12.17
v6.12.18
v6.12.19
v6.12.2
v6.12.20
v6.12.21
v6.12.22
v6.12.23
v6.12.24
v6.12.25
v6.12.26
v6.12.27
v6.12.28
v6.12.29
v6.12.3
v6.12.30
v6.12.31
v6.12.32
v6.12.33
v6.12.4
v6.12.5
v6.12.6
v6.12.7
v6.12.8
v6.12.9
v6.13
v6.13-rc1
v6.13-rc2
v6.13-rc3
v6.13-rc4
v6.13-rc5
v6.13-rc6
v6.13-rc7
v6.14
v6.14-rc1
v6.14-rc2
v6.14-rc3
v6.14-rc4
v6.14-rc5
v6.14-rc6
v6.14-rc7
v6.15
v6.15-rc1
v6.15-rc2
v6.15-rc3
v6.15-rc4
v6.15-rc5
v6.15-rc6
v6.15-rc7
v6.15.1
v6.15.2
Database specific
vanir_signatures
[
{
"signature_type": "Line",
"deprecated": false,
"signature_version": "v1",
"digest": {
"line_hashes": [
"156088278845164605804619162731829389726",
"247122399895214487508755729865223257528",
"291356380637205931340559126496684646351",
"322339384637621244931948077126260972912"
],
"threshold": 0.9
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e3d530173b70514d4390a94f9f979acad689b70a",
"target": {
"file": "drivers/usb/core/usb-acpi.c"
},
"id": "CVE-2025-38134-16efa466"
},
{
"signature_type": "Function",
"deprecated": false,
"signature_version": "v1",
"digest": {
"length": 842.0,
"function_hash": "304941221843467651236675041467659073688"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e3d530173b70514d4390a94f9f979acad689b70a",
"target": {
"file": "drivers/usb/core/usb-acpi.c",
"function": "usb_acpi_add_usb4_devlink"
},
"id": "CVE-2025-38134-97a28f3f"
}
]