Vulnerability Database

318,756

Total vulnerabilities in the database

CVE-2025-38497

In the Linux kernel, the following vulnerability has been resolved:

usb: gadget: configfs: Fix OOB read on empty string write

When writing an empty string to either 'qw_sign' or 'landingPage' sysfs attributes, the store functions attempt to access page[l - 1] before validating that the length 'l' is greater than zero.

This patch fixes the vulnerability by adding a check at the beginning of os_desc_qw_sign_store() and webusb_landingPage_store() to handle the zero-length input case gracefully by returning immediately.

  • Published: Jul 28, 2025
  • Updated: Jan 8, 2026
  • CVE: CVE-2025-38497
  • Severity: High
  • Exploit:

CVSS v3:

  • Severity: High
  • Score: 7.1
  • AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

CWEs:

Software From Fixed in
linux / linux_kernel 3.16 5.4.297
linux / linux_kernel 5.5 5.10.241
linux / linux_kernel 5.11 5.15.190
linux / linux_kernel 5.16 6.1.147
linux / linux_kernel 6.2 6.6.100
linux / linux_kernel 6.7 6.12.40
linux / linux_kernel 6.13 6.15.8
linux / linux_kernel 6.16-rc1 6.16-rc1.x
linux / linux_kernel 6.16-rc2 6.16-rc2.x
linux / linux_kernel 6.16-rc3 6.16-rc3.x
linux / linux_kernel 6.16-rc4 6.16-rc4.x
linux / linux_kernel 6.16-rc5 6.16-rc5.x
linux / linux_kernel 6.16-rc6 6.16-rc6.x
debian / debian_linux 11.0 11.0.x