CVE-2025-38429

Source
https://nvd.nist.gov/vuln/detail/CVE-2025-38429
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-38429.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-38429
Downstream
Related
Published
2025-07-25T15:15:27Z
Modified
2025-08-09T19:01:26Z
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

bus: mhi: ep: Update read pointer only after buffer is written

Inside mhiepringaddelement, the read pointer (rdoffset) is updated before the buffer is written, potentially causing race conditions where the host sees an updated read pointer before the buffer is actually written. Updating rdoffset prematurely can lead to the host accessing an uninitialized or incomplete element, resulting in data corruption.

Invoke the buffer write before updating rd_offset to ensure the element is fully written before signaling its availability.

References

Affected packages