cve/published/2025/CVE-2025-37811.mbox - pub/scm/linux/security/vulns - Git at Google

 From bippy-1.2.0 Mon Sep 17 00:00:00 2001
 From: Greg Kroah-Hartman <gregkh@kernel.org>
 To: <linux-cve-announce@vger.kernel.org>
 Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org>
 Subject: CVE-2025-37811: usb: chipidea: ci_hdrc_imx: fix usbmisc handling

 Description
 ===========

 In the Linux kernel, the following vulnerability has been resolved:

 usb: chipidea: ci_hdrc_imx: fix usbmisc handling

 usbmisc is an optional device property so it is totally valid for the
 corresponding data->usbmisc_data to have a NULL value.

 Check that before dereferencing the pointer.

 Found by Linux Verification Center (linuxtesting.org) with Svace static
 analysis tool.

 The Linux kernel CVE team has assigned CVE-2025-37811 to this issue.


 Affected and fixed versions
 ===========================

 	Issue introduced in 5.15.179 with commit 3f46fefab962fc5dcfe4d53a7c2cdccd51ebdc6d and fixed in 5.15.181 with commit 8060b719676e8c0e5a2222c2977ba0458d9d9535
 	Issue introduced in 6.1.129 with commit 7ae96eba35036bdd47ecd956e882ff057a550405 and fixed in 6.1.136 with commit 0ee460498ced49196149197c9f6d29a10e5e0798
 	Issue introduced in 6.6.72 with commit dcd4de31bd01a7189c24e3cafe40649c9c42b9af and fixed in 6.6.89 with commit 121e9f80ea5478bca3a8f3f26593fd66f87da649
 	Issue introduced in 6.12.10 with commit 57797497a696cffaea421fc4e5a3ea2a8536b1a2 and fixed in 6.12.26 with commit 887902ca73490f38c69fd6149ef361a041cf912f
 	Issue introduced in 6.13 with commit 74adad500346fb07d69af2c79acbff4adb061134 and fixed in 6.14.5 with commit 2aa87bd825377f5073b76701780a902cd0fc725a
 	Issue introduced in 6.13 with commit 74adad500346fb07d69af2c79acbff4adb061134 and fixed in 6.15 with commit 4e28f79e3dffa52d327b46d1a78dac16efb5810b

 Please see https://www.kernel.org for a full list of currently supported
 kernel versions by the kernel community.

 Unaffected versions might change over time as fixes are backported to
 older supported kernel versions.  The official CVE entry at
 	https://cve.org/CVERecord/?id=CVE-2025-37811
 will be updated if fixes are backported, please check that for the most
 up to date information about this issue.


 Affected files
 ==============

 The file(s) affected by this issue are:
 	drivers/usb/chipidea/ci_hdrc_imx.c


 Mitigation
 ==========

 The Linux kernel CVE team recommends that you update to the latest
 stable kernel version for this, and many other bugfixes.  Individual
 changes are never tested alone, but rather are part of a larger kernel
 release.  Cherry-picking individual commits is not recommended or
 supported by the Linux kernel community at all.  If however, updating to
 the latest release is impossible, the individual changes to resolve this
 issue can be found at these commits:
 	https://git.kernel.org/stable/c/8060b719676e8c0e5a2222c2977ba0458d9d9535
 	https://git.kernel.org/stable/c/0ee460498ced49196149197c9f6d29a10e5e0798
 	https://git.kernel.org/stable/c/121e9f80ea5478bca3a8f3f26593fd66f87da649
 	https://git.kernel.org/stable/c/887902ca73490f38c69fd6149ef361a041cf912f
 	https://git.kernel.org/stable/c/2aa87bd825377f5073b76701780a902cd0fc725a
 	https://git.kernel.org/stable/c/4e28f79e3dffa52d327b46d1a78dac16efb5810b
	From bippy-1.2.0 Mon Sep 17 00:00:00 2001
	From: Greg Kroah-Hartman <gregkh@kernel.org>
	To: <linux-cve-announce@vger.kernel.org>
	Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org>
	Subject: CVE-2025-37811: usb: chipidea: ci_hdrc_imx: fix usbmisc handling

	Description
	===========

	In the Linux kernel, the following vulnerability has been resolved:

	usb: chipidea: ci_hdrc_imx: fix usbmisc handling

	usbmisc is an optional device property so it is totally valid for the
	corresponding data->usbmisc_data to have a NULL value.

	Check that before dereferencing the pointer.

	Found by Linux Verification Center (linuxtesting.org) with Svace static
	analysis tool.

	The Linux kernel CVE team has assigned CVE-2025-37811 to this issue.


	Affected and fixed versions
	===========================

	Issue introduced in 5.15.179 with commit 3f46fefab962fc5dcfe4d53a7c2cdccd51ebdc6d and fixed in 5.15.181 with commit 8060b719676e8c0e5a2222c2977ba0458d9d9535
	Issue introduced in 6.1.129 with commit 7ae96eba35036bdd47ecd956e882ff057a550405 and fixed in 6.1.136 with commit 0ee460498ced49196149197c9f6d29a10e5e0798
	Issue introduced in 6.6.72 with commit dcd4de31bd01a7189c24e3cafe40649c9c42b9af and fixed in 6.6.89 with commit 121e9f80ea5478bca3a8f3f26593fd66f87da649
	Issue introduced in 6.12.10 with commit 57797497a696cffaea421fc4e5a3ea2a8536b1a2 and fixed in 6.12.26 with commit 887902ca73490f38c69fd6149ef361a041cf912f
	Issue introduced in 6.13 with commit 74adad500346fb07d69af2c79acbff4adb061134 and fixed in 6.14.5 with commit 2aa87bd825377f5073b76701780a902cd0fc725a
	Issue introduced in 6.13 with commit 74adad500346fb07d69af2c79acbff4adb061134 and fixed in 6.15 with commit 4e28f79e3dffa52d327b46d1a78dac16efb5810b

	Please see https://www.kernel.org for a full list of currently supported
	kernel versions by the kernel community.

	Unaffected versions might change over time as fixes are backported to
	older supported kernel versions. The official CVE entry at
	https://cve.org/CVERecord/?id=CVE-2025-37811
	will be updated if fixes are backported, please check that for the most
	up to date information about this issue.


	Affected files
	==============

	The file(s) affected by this issue are:
	drivers/usb/chipidea/ci_hdrc_imx.c


	Mitigation
	==========

	The Linux kernel CVE team recommends that you update to the latest
	stable kernel version for this, and many other bugfixes. Individual
	changes are never tested alone, but rather are part of a larger kernel
	release. Cherry-picking individual commits is not recommended or
	supported by the Linux kernel community at all. If however, updating to
	the latest release is impossible, the individual changes to resolve this
	issue can be found at these commits:
	https://git.kernel.org/stable/c/8060b719676e8c0e5a2222c2977ba0458d9d9535
	https://git.kernel.org/stable/c/0ee460498ced49196149197c9f6d29a10e5e0798
	https://git.kernel.org/stable/c/121e9f80ea5478bca3a8f3f26593fd66f87da649
	https://git.kernel.org/stable/c/887902ca73490f38c69fd6149ef361a041cf912f
	https://git.kernel.org/stable/c/2aa87bd825377f5073b76701780a902cd0fc725a
	https://git.kernel.org/stable/c/4e28f79e3dffa52d327b46d1a78dac16efb5810b