Vulnerability Database

314,452

Total vulnerabilities in the database

CVE-2025-38474

In the Linux kernel, the following vulnerability has been resolved:

usb: net: sierra: check for no status endpoint

The driver checks for having three endpoints and having bulk in and out endpoints, but not that the third endpoint is interrupt input. Rectify the omission.

  • Published: Jul 28, 2025
  • Updated: Dec 23, 2025
  • CVE: CVE-2025-38474
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 5.5
  • AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

No CWE or OWASP classifications available.

Software From Fixed in
linux / linux_kernel 2.6.35 5.4.297
linux / linux_kernel 5.5 5.10.241
linux / linux_kernel 5.11 5.15.190
linux / linux_kernel 5.16 6.1.147
linux / linux_kernel 6.2 6.6.100
linux / linux_kernel 6.7 6.12.40
linux / linux_kernel 6.13 6.15.8
linux / linux_kernel 2.6.34 2.6.34.x
linux / linux_kernel 2.6.34-rc6 2.6.34-rc6.x
linux / linux_kernel 2.6.34-rc7 2.6.34-rc7.x
linux / linux_kernel 6.16-rc1 6.16-rc1.x
linux / linux_kernel 6.16-rc2 6.16-rc2.x
linux / linux_kernel 6.16-rc3 6.16-rc3.x
linux / linux_kernel 6.16-rc4 6.16-rc4.x
linux / linux_kernel 6.16-rc5 6.16-rc5.x
linux / linux_kernel 6.16-rc6 6.16-rc6.x
debian / debian_linux 11.0 11.0.x