CVE-2025-37796
📋 TL;DR
This CVE describes a use-after-free vulnerability in the Linux kernel's at76c50x USB WiFi driver. When a device disconnects, the driver accesses freed memory, potentially causing kernel crashes or memory corruption. This affects Linux systems using the at76c50x driver for specific USB WiFi adapters.
💻 Affected Systems
- Linux kernel with at76c50x USB WiFi driver
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to system crash, potential privilege escalation if memory corruption can be controlled, or denial of service.
Likely Case
System crash or instability when disconnecting affected USB WiFi adapters, requiring reboot to restore functionality.
If Mitigated
Minimal impact if systems don't use vulnerable WiFi adapters or have the driver disabled.
🎯 Exploit Status
Exploitation requires triggering the disconnect sequence with the vulnerable driver loaded, which typically needs physical USB device access or USB emulation capabilities.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Kernel versions with commits 152721cbae42713ecfbca6847e0f102ee6b19546 and related fixes
Vendor Advisory: https://git.kernel.org/stable/c/152721cbae42713ecfbca6847e0f102ee6b19546
Restart Required: Yes
Instructions:
1. Update Linux kernel to patched version from your distribution. 2. Rebuild kernel if compiling from source with the fix commits. 3. Reboot system to load new kernel.
🔧 Temporary Workarounds
Disable at76c50x driver
linuxPrevent loading of vulnerable driver module
echo 'blacklist at76c50x-usb' >> /etc/modprobe.d/blacklist.conf
rmmod at76c50x-usb
Restrict USB device access
linuxPrevent unauthorized USB device connections
echo '0' > /sys/bus/usb/drivers_autoprobe
Configure USBGuard or similar tools
🧯 If You Can't Patch
- Avoid using USB WiFi adapters that require at76c50x driver
- Implement strict physical security controls to prevent unauthorized USB device connections
🔍 How to Verify
Check if Vulnerable:
Check if at76c50x-usb module is loaded: lsmod | grep at76c50xCheck Version:
uname -rVerify Fix Applied:
Check kernel version is patched: uname -r and verify against distribution security advisories📡 Detection & Monitoring
Log Indicators:
- Kernel oops messages in dmesg
- System crashes when disconnecting USB WiFi devices
- USB disconnect errors with at76c50x driver
Network Indicators:
- None - this is a local driver vulnerability
SIEM Query:
source="kernel" AND ("at76c50x" OR "use-after-free" OR "general protection fault")🔗 References
- https://git.kernel.org/stable/c/152721cbae42713ecfbca6847e0f102ee6b19546
- https://git.kernel.org/stable/c/27c7e63b3cb1a20bb78ed4a36c561ea4579fd7da
- https://git.kernel.org/stable/c/3c619aec1f538333b56746d2f796aab1bca5c9a5
- https://git.kernel.org/stable/c/5e7df74745700f059dc117a620e566964a2e8f2c
- https://git.kernel.org/stable/c/6e4ab3e574c2a335b40fa1f70d1c54fcb58ab33f
- https://git.kernel.org/stable/c/7ca513631fa6ad3011b8b9197cdde0f351103704
- https://git.kernel.org/stable/c/a9682bfef2cf3802515a902e964d774e137be1b9
- https://git.kernel.org/stable/c/c731cdfddcf1be1590d5ba8c9b508f98e3a2b3d6
- https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html
- https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html
