CVE-2025-38497 | Linux Kernel up to 6.1.146/6.6.99/6.12.39/6.15.7 usb os_desc_qw_sign_store out-of-bounds

A vulnerability classified as problematic has been found in Linux Kernel up to 6.1.146/6.6.99/6.12.39/6.15.7. This affects the function os_desc_qw_sign_store of the component usb. The manipulation leads to out-of-bounds read.

This vulnerability is uniquely identified as CVE-2025-38497. The attack can only be initiated within the local network. There is no exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More