CVE-2025-38348
📋 TL;DR
A buffer overflow vulnerability in the Linux kernel's p54 wifi driver allows a malicious USB device posing as an Intersil p54 wifi interface to trigger memory corruption. This affects Linux systems using the p54 driver, though exploitation requires physical USB access and specific firmware conditions.
💻 Affected Systems
- Linux kernel with p54 wifi driver
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Kernel panic or system crash leading to denial of service, with potential for arbitrary code execution in kernel context.
Likely Case
System crash or kernel panic causing denial of service on affected systems with vulnerable driver loaded.
If Mitigated
Minimal impact if proper USB device restrictions are enforced and driver isn't loaded.
🎯 Exploit Status
Exploitation requires physical USB access, specific USB device emulation, and driver loading conditions.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Patches available in stable kernel trees (commits: 0e4dc150423b, 12134f79e53e, 1f7f8168abe8, 6d05390d20f1, 714afb4c38ed)
Vendor Advisory: https://git.kernel.org/stable/c/0e4dc150423b829c35cbcf399481ca11594fc036
Restart Required: Yes
Instructions:
1. Update Linux kernel to patched version from your distribution's repositories. 2. Reboot system to load new kernel. 3. Verify driver version if possible.
🔧 Temporary Workarounds
Disable p54 driver module loading
linuxPrevent the vulnerable driver from being loaded
echo 'blacklist p54' >> /etc/modprobe.d/blacklist-p54.conf
rmmod p54
Restrict USB device access
linuxUse USBGuard or similar to control which USB devices can connect
# Install USBGuard: apt install usbguard
# Configure policy to allow only trusted devices
🧯 If You Can't Patch
- Physically disable or restrict access to USB ports on critical systems
- Implement strict USB device policies and monitoring for unauthorized devices
🔍 How to Verify
Check if Vulnerable:
Check if p54 module is loaded: lsmod | grep p54. If loaded, check kernel version against patched versions.Check Version:
uname -rVerify Fix Applied:
Verify kernel version includes the patch commits, and test with modinfo p54 to check driver version if available.📡 Detection & Monitoring
Log Indicators:
- Kernel panic logs mentioning p54 driver
- USB device connection logs for suspicious wifi devices
- System crash/reboot events
Network Indicators:
- Unusual USB device enumeration patterns
- Attempts to load p54 driver unexpectedly
SIEM Query:
source="kernel" AND ("p54" OR "panic" OR "Oops")🔗 References
- https://git.kernel.org/stable/c/0e4dc150423b829c35cbcf399481ca11594fc036
- https://git.kernel.org/stable/c/12134f79e53eb56b0b0b7447fa0c512acf6a8422
- https://git.kernel.org/stable/c/1f7f8168abe8cbe845ab8bb557228d44784a6b57
- https://git.kernel.org/stable/c/6d05390d20f110de37d051a3e063ef0a542d01fb
- https://git.kernel.org/stable/c/714afb4c38edd19a057d519c1f9c5d164b43de94
- https://git.kernel.org/stable/c/9701f842031b825e2fd5f22d064166f8f13f6e4d
- https://git.kernel.org/stable/c/da1b9a55ff116cb040528ef664c70a4eec03ae99
- https://git.kernel.org/stable/c/f39b2f8c1549a539846e083790fad396ef6cd802
- https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
- https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
