Vulnerability Database

319,194

Total vulnerabilities in the database

CVE-2025-37990

In the Linux kernel, the following vulnerability has been resolved:

wifi: brcm80211: fmac: Add error handling for brcmf_usb_dl_writeimage()

The function brcmf_usb_dl_writeimage() calls the function brcmf_usb_dl_cmd() but dose not check its return value. The 'state.state' and the 'state.bytes' are uninitialized if the function brcmf_usb_dl_cmd() fails. It is dangerous to use uninitialized variables in the conditions.

Add error handling for brcmf_usb_dl_cmd() to jump to error handling path if the brcmf_usb_dl_cmd() fails and the 'state.state' and the 'state.bytes' are uninitialized.

Improve the error message to report more detailed error information.

  • Published: May 20, 2025
  • Updated: Dec 17, 2025
  • CVE: CVE-2025-37990
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 5.5
  • AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWEs:

Software From Fixed in
linux / linux_kernel 3.4 5.4.294
linux / linux_kernel 5.5 5.10.238
linux / linux_kernel 5.11 5.15.182
linux / linux_kernel 5.16 6.1.138
linux / linux_kernel 6.2 6.6.90
linux / linux_kernel 6.7 6.12.28
linux / linux_kernel 6.13 6.14.6
linux / linux_kernel 6.15-rc1 6.15-rc1.x
linux / linux_kernel 6.15-rc2 6.15-rc2.x
linux / linux_kernel 6.15-rc3 6.15-rc3.x
linux / linux_kernel 6.15-rc4 6.15-rc4.x
debian / debian_linux 11.0 11.0.x