PT-2025-30776 · Linux+3 · Linux Kernel+3
Published
2025-06-14
·
Updated
2026-04-20
·
CVE-2025-38376
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
The Linux kernel contains an issue where a system hang can occur during suspend/resume operations when a USB gadget device is enabled as Ethernet and data transfer is in progress. This happens because the USB device controller is suspended while the USB bus remains active, leading to continued data transfer attempts and register access after the controller clock has been gated off. The issue is resolved by disconnecting the device from the host when the USB bus is not in a suspended state, and automatically reconnecting it upon resume. This also ensures continued USB wakeup functionality when the USB device controller has enabled wakeup capability.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Improper Locking
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Linuxmint
Linux Kernel
Suse
Ubuntu