CVE-2025-37811

usb: chipidea: ci_hdrc_imx: fix usbmisc handling

Severity Score

5.5

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

MITRE
TN

In the Linux kernel, the following vulnerability has been resolved: usb: chipidea: ci_hdrc_imx: fix usbmisc handling usbmisc is an optional device property so it is totally valid for the
corresponding data->usbmisc_data to have a NULL value. Check that before dereferencing the pointer. Found by Linux Verification Center (linuxtesting.org) with Svace static
analysis tool.

In the Linux kernel, the following vulnerability has been resolved: usb: chipidea: ci_hdrc_imx: fix usbmisc handling usbmisc is an optional device property so it is totally valid for the corresponding data->usbmisc_data to have a NULL value. Check that before dereferencing the pointer. Found by Linux Verification Center (linuxtesting.org) with Svace static analysis tool.

*Credits: N/A

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Local

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2025-04-16 CVE Reserved
2025-05-08 CVE Published
2025-05-26 CVE Updated
2025-06-09 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (11)

URL	Tag	Source
https://git.kernel.org/stable/c/3f46fefab962fc5dcfe4d53a7c2cdccd51ebdc6d	Vuln. Introduced
https://git.kernel.org/stable/c/7ae96eba35036bdd47ecd956e882ff057a550405	Vuln. Introduced
https://git.kernel.org/stable/c/dcd4de31bd01a7189c24e3cafe40649c9c42b9af	Vuln. Introduced
https://git.kernel.org/stable/c/57797497a696cffaea421fc4e5a3ea2a8536b1a2	Vuln. Introduced
https://git.kernel.org/stable/c/74adad500346fb07d69af2c79acbff4adb061134	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/8060b719676e8c0e5a2222c2977ba0458d9d9535	2025-05-02
https://git.kernel.org/stable/c/0ee460498ced49196149197c9f6d29a10e5e0798	2025-05-02
https://git.kernel.org/stable/c/121e9f80ea5478bca3a8f3f26593fd66f87da649	2025-05-02
https://git.kernel.org/stable/c/887902ca73490f38c69fd6149ef361a041cf912f	2025-05-02
https://git.kernel.org/stable/c/2aa87bd825377f5073b76701780a902cd0fc725a	2025-05-02
https://git.kernel.org/stable/c/4e28f79e3dffa52d327b46d1a78dac16efb5810b	2025-04-11

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.15.179 < 5.15.181 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.15.179 < 5.15.181"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.1.129 < 6.1.136 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.1.129 < 6.1.136"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.6.72 < 6.6.89 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.6.72 < 6.6.89"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.12.10 < 6.12.26 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.12.10 < 6.12.26"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.13 < 6.14.5 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.13 < 6.14.5"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.13 < 6.15 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.13 < 6.15"		en		Affected