CVE-2025-38497
📋 TL;DR
This vulnerability in the Linux kernel's USB gadget configfs subsystem allows an out-of-bounds read when writing empty strings to specific sysfs attributes. Attackers with local access can potentially read kernel memory, leading to information disclosure or system crashes. Systems using USB gadget functionality with configfs are affected.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Kernel memory disclosure leading to privilege escalation, system crash, or information leakage of sensitive kernel data.
Likely Case
System crash or denial of service due to invalid memory access, potentially causing kernel panic.
If Mitigated
Minimal impact if systems don't use USB gadget configfs functionality or have restricted local access.
🎯 Exploit Status
Exploitation requires local access to write to sysfs attributes. Simple to trigger but impact depends on memory layout.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Multiple stable kernel versions with commits: 15a872068799, 22b7897c289c, 2798111f8e50, 3014168731b7, 58bdd5160184
Vendor Advisory: https://git.kernel.org/stable/c/15a87206879951712915c03c8952a73d6a74721e
Restart Required: Yes
Instructions:
1. Update Linux kernel to patched version from your distribution's repositories. 2. Reboot system to load new kernel. 3. Verify kernel version after reboot.
🔧 Temporary Workarounds
Restrict sysfs access
linuxLimit access to vulnerable sysfs attributes to prevent exploitation
chmod 600 /sys/kernel/config/usb_gadget/*/os_desc/qw_sign
chmod 600 /sys/kernel/config/usb_gadget/*/webusb/landingPage
Disable USB gadget configfs
linuxRemove or disable USB gadget configfs module if not needed
rmmod g_webusb
rmmod usb_f_webusb
echo 'blacklist g_webusb' >> /etc/modprobe.d/blacklist.conf
🧯 If You Can't Patch
- Implement strict access controls on /sys/kernel/config/usb_gadget/ directory
- Monitor for unusual access to sysfs USB gadget attributes and implement alerting
🔍 How to Verify
Check if Vulnerable:
Check if USB gadget configfs is enabled and accessible: ls -la /sys/kernel/config/usb_gadget/Check Version:
uname -rVerify Fix Applied:
Check kernel version contains one of the fix commits: uname -r and verify with distribution patch notes📡 Detection & Monitoring
Log Indicators:
- Kernel oops or panic logs
- Access denied errors to sysfs USB gadget paths
- Unexpected writes to /sys/kernel/config/usb_gadget/*/os_desc/qw_sign or landingPage
Network Indicators:
- None - local exploit only
SIEM Query:
source="kernel" AND ("Oops" OR "panic" OR "BUG") AND ("usb_gadget" OR "configfs")🔗 References
- https://git.kernel.org/stable/c/15a87206879951712915c03c8952a73d6a74721e
- https://git.kernel.org/stable/c/22b7897c289cc25d99c603f5144096142a30d897
- https://git.kernel.org/stable/c/2798111f8e504ac747cce911226135d50b8de468
- https://git.kernel.org/stable/c/3014168731b7930300aab656085af784edc861f6
- https://git.kernel.org/stable/c/58bdd5160184645771553ea732da5c2887fc9bd1
- https://git.kernel.org/stable/c/783ea37b237a9b524f1e5ca018ea17d772ee0ea0
- https://git.kernel.org/stable/c/78b41148cfea2a3f04d87adf3a71b21735820a37
- https://git.kernel.org/stable/c/d68b7c8fefbaeae8f065b84e40cf64baf4cc0c76
- https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
- https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
