PT-2025-20534 · Linux · Linux Kernel

Published: 2025-03-06 · Updated: 2026-05-26 · CVE-2025-37882

CVSS v3.1: 7.8 (High)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)
Description: The issue concerns the handling of isochronous Ring Underrun/Overrun events in the Linux kernel's xHCI (Extensible Host Controller Interface) implementation. When such an event occurs, the TRB (Transfer Request Block) pointer reported with the event may point to a different ring position than the driver expects, potentially leading to data loss or a buffer use-after-free (UAF). This can happen because of a race condition in which a new TD (Transfer Descriptor) is queued at the same ring position before the event is handled. Interrupt moderation delays or system load widen the window in which this race can occur.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit: Buffer Overflow, Use After Free

Weakness Enumeration

Related Identifiers

AZL-62753
AZL-70159
BDU:2026-02236
CVE-2025-37882
ECHO-40C9-3483-4FBA
RHSA-2026:2759
RHSA-2026:2766
RHSA-2026:3267
RHSA-2026:3358
RHSA-2026:3579
RHSA-2026:4244
RHSA-2026:4245
USN-7594-1
USN-7594-2
USN-7594-3

Affected Products

Astra Linux
Debian
Linux Kernel
Ubuntu