CVE-2025-37810

Updated: 2025-11-19 04:13:05.075246

Description:

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: check that event count does not exceed event buffer length The event count is read from register DWC3_GEVNTCOUNT. There is a check for the count being zero, but not for exceeding the event buffer length. Check that event count does not exceed event buffer length, avoiding an out-of-bounds access when memcpy'ing the event. Crash log: Unable to handle kernel paging request at virtual address ffffffc0129be000 pc : __memcpy+0x114/0x180 lr : dwc3_check_event_buf+0xec/0x348 x3 : 0000000000000030 x2 : 000000000000dfc4 x1 : ffffffc0129be000 x0 : ffffff87aad60080 Call trace: __memcpy+0x114/0x180 dwc3_interrupt+0x24/0x34


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x 0.0
CVSS Version 3.x HIGH 7.8

Status

OS name Project name Version Score Severity Status Errata Last updated

Statement
AlmaLinux 9.2 ESU kernel 5.14.0 7.8 HIGH Not Vulnerable 2025-09-25 14:37:12 CONFIG_USB_DWC3_GADGET is not set
CentOS 7 ELS kernel 3.10.0 7.8 HIGH Not Vulnerable 2025-12-08 17:37:56
CentOS 8.4 ELS kernel 4.18.0 7.8 HIGH Not Vulnerable 2025-12-08 17:37:57
CentOS 8.5 ELS kernel 4.18.0 7.8 HIGH Not Vulnerable 2025-12-08 17:37:57
CentOS Stream 8 ELS kernel 4.18.0 7.8 HIGH Not Vulnerable 2025-12-03 19:08:00
CloudLinux 7 ELS kernel 3.10.0 7.8 HIGH Ignored 2025-12-27 05:17:11 CloudLinux 6 and 7 support is limited and provided on demand. We strongly recommend upgrading to Clo...
Oracle Linux 7 ELS kernel 3.10.0 7.8 HIGH Not Vulnerable 2025-12-31 07:30:11
Oracle Linux 7 ELS kernel-uek 5.4.17 7.8 HIGH Released CLSA-2025:1757963029 2025-09-16 11:20:48
RHEL 7 ELS kernel 3.10.0 7.8 HIGH Not Vulnerable 2025-12-31 07:30:10
TuxCare 9.6 ESU kernel 5.14.0 7.8 HIGH Not Vulnerable 2025-12-08 17:37:56
Total: 14