PT-2025-28004 · Linux+6 · Linux Kernel+6
Published
2025-07-04
·
Updated
2026-05-26
·
CVE-2025-38229
CVSS v2.0
7.7
High
| Vector | AV:A/AC:L/Au:S/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions:
Linux kernel (affected versions not specified)
Description:
A vulnerability in the Linux kernel has been resolved, related to the media component, specifically the cxusb module. The issue occurred when the write operation of
usb bulk msg() in dvb usb generic rw() failed, resulting in the read operation not being executed, and ultimately, a variable was not initialized. This led to a reported uninit-value in cxusb i2c xfer. The vulnerability was identified by syzbot.Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
DoS
Improper Initialization
Use of Uninitialized Resource
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu