CVE-2025-39801
📋 TL;DR
This CVE addresses a kernel panic vulnerability in the Linux kernel's USB DWC3 driver. When 'panic_on_warn' is enabled, endpoint command timeouts during rapid USB connect/disconnect sequences trigger a WARN_ON that causes kernel panic. This affects Linux systems using the DWC3 USB controller, particularly Exynos platforms.
💻 Affected Systems
- Linux kernel with DWC3 USB driver
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to system crash and denial of service, requiring physical or remote reboot.
Likely Case
System instability or crash during USB device hotplug operations, particularly with fast connect/disconnect cycles.
If Mitigated
Minor performance impact or dropped USB connections without system crash.
🎯 Exploit Status
Exploitation requires specific timing conditions during USB connect/disconnect operations and depends on system configuration.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Linux kernel with commit 45eae113dccaf8e502090ecf5b3d9e9b805add6f or later
Vendor Advisory: https://git.kernel.org/stable/c/45eae113dccaf8e502090ecf5b3d9e9b805add6f
Restart Required: Yes
Instructions:
1. Update the Linux kernel to a version containing the fix commits.
2. For distributions: use the package manager to update the kernel package.
3. Reboot the system to load the new kernel.
🔧 Temporary Workarounds
Disable panic_on_warn
Prevent a kernel panic by disabling the panic_on_warn sysctl parameter
echo 0 > /proc/sys/kernel/panic_on_warn
sysctl -w kernel.panic_on_warn=0
Avoid rapid USB connect/disconnect
Implement USB device management policies to prevent rapid connect/disconnect cycles
🧯 If You Can't Patch
- Disable panic_on_warn sysctl parameter
- Restrict physical USB access to trusted users only
- Monitor system logs for WARN messages related to DWC3 endpoint timeouts
🔍 How to Verify
Check if Vulnerable:
Check the kernel version and whether the DWC3 driver is loaded:
uname -r
lsmod | grep dwc3
Check Version:
uname -r
Verify Fix Applied:
Verify that the kernel version includes the fix commits, or check that panic_on_warn is disabled
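The checks above are manual. As an added example (not part of the advisory), the script below turns them into a single exposure verdict: it parses the text that `lsmod`, `/lib/modules/<release>/modules.builtin` and `/proc/sys/kernel/panic_on_warn` produce, so it can be run offline against output captured from a device. It also covers the case `lsmod | grep dwc3` misses: on many Exynos boards the DWC3 core is compiled into the kernel image rather than loaded as a module, so it never appears in `lsmod`. The `kernel_has_fix` flag is an input you supply from the distro changelog or the upstream stable tree; the sample `lsmod` and `modules.builtin` texts are constructed, not real machine output.

```python
"""Added example, not from the advisory: exposure verdict for CVE-2025-39801.

Combines the three conditions the advisory names: DWC3 driver present,
fix commit absent, and kernel.panic_on_warn enabled.
"""
import subprocess
from pathlib import Path


def dwc3_present(lsmod_output: str, modules_builtin: str) -> bool:
    """True if the DWC3 core driver is loaded as a module or compiled in.

    A built-in driver is listed in /lib/modules/<release>/modules.builtin
    but not in lsmod, so checking lsmod alone can report a false negative.
    """
    for line in lsmod_output.splitlines():
        fields = line.split()
        if fields and fields[0] == "dwc3":          # exact module name, first column
            return True
    return any(l.strip().endswith("/dwc3.ko") for l in modules_builtin.splitlines())


def panic_on_warn_enabled(sysctl_value: str) -> bool:
    """kernel.panic_on_warn is an integer; any non-zero value turns WARN into a panic."""
    return int(sysctl_value.strip() or "0") != 0


def verdict(lsmod_output: str, modules_builtin: str, sysctl_value: str,
            kernel_has_fix: bool) -> str:
    """Return one of 'not-affected', 'fixed', 'mitigated', 'exposed'.

    kernel_has_fix: whether the running kernel carries the fix commit
    (determined from the distro changelog or the stable tree, not guessed here).
    """
    if not dwc3_present(lsmod_output, modules_builtin):
        return "not-affected"      # no DWC3 driver, the WARN_ON cannot be reached
    if kernel_has_fix:
        return "fixed"             # WARN_ON removed by the patch
    if not panic_on_warn_enabled(sysctl_value):
        return "mitigated"         # WARN still fires, but only logs
    return "exposed"               # WARN escalates to a kernel panic


def verdict_for_this_host(kernel_has_fix: bool) -> str:
    """Gather the inputs from the running system (Linux only) and classify it."""
    release = subprocess.run(["uname", "-r"], capture_output=True, text=True,
                             check=True).stdout.strip()
    lsmod = subprocess.run(["lsmod"], capture_output=True, text=True, check=True).stdout
    builtin = Path(f"/lib/modules/{release}/modules.builtin")
    builtin_text = builtin.read_text() if builtin.exists() else ""
    sysctl = Path("/proc/sys/kernel/panic_on_warn").read_text()
    return verdict(lsmod, builtin_text, sysctl, kernel_has_fix)


# Constructed sample inputs (not captured from a real device).
SAMPLE_LSMOD = (
    "Module                  Size  Used by\n"
    "dwc3_exynos            16384  0\n"
    "dwc3                  110592  1 dwc3_exynos\n"
)
SAMPLE_BUILTIN = (
    "kernel/drivers/usb/dwc3/dwc3.ko\n"
    "kernel/drivers/usb/common/usb-common.ko\n"
)

if __name__ == "__main__":
    print("module, unpatched, panic_on_warn=1:", verdict(SAMPLE_LSMOD, "", "1", False))
    print("built-in, unpatched, panic_on_warn=0:", verdict("", SAMPLE_BUILTIN, "0", False))
```

`verdict_for_this_host(False)` reproduces the advisory's check on a live Linux box; everything else runs anywhere on captured text. A "mitigated" verdict still means the endpoint-command timeout WARN will appear in the logs, which is what the detection section below keys on.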
📡 Detection & Monitoring
Log Indicators:
- Kernel WARN messages mentioning DWC3 endpoint command timeouts
- Kernel panic logs when panic_on_warn is enabled
Network Indicators:
- USB device connection instability
SIEM Query:
source="kernel" AND (("WARN" AND "dwc3" AND "endpoint" AND "timeout") OR ("panic" AND "dwc3"))
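The SIEM query treats each log line independently, but a kernel WARN is a multi-line splat: the `WARNING:` header carries the `drivers/usb/dwc3/...` source path, while words such as "endpoint" and "timeout" land on following lines. As an added example (not part of the advisory), the scanner below applies the same indicators to dmesg or journal output, anchoring on the line that opens a WARN or a panic and using the next few lines as context. `SAMPLE_DMESG` is constructed to exercise it and is not real kernel output; the function names, device name and offsets in it are placeholders.

```python
"""Added example, not part of the advisory: scan kernel log lines for the
two indicators it lists (DWC3 endpoint-command-timeout WARN, DWC3 panic).
"""
from typing import List, Optional, Tuple

WARN_KEYWORDS = ("dwc3", "endpoint", "timeout")   # the advisory's WARN indicator
PANIC_KEYWORDS = ("dwc3",)                         # the advisory's panic indicator


def classify_at(lines: List[str], i: int, window: int) -> Optional[str]:
    """Classify line i using it plus the following lines (window total) as context."""
    head = lines[i].lower()
    context = " ".join(l.lower() for l in lines[i:i + window])
    # Panic first: the panic_on_warn message itself contains the word "warn".
    if "panic" in head and all(k in context for k in PANIC_KEYWORDS):
        return "dwc3-panic"
    if "warn" in head and all(k in context for k in WARN_KEYWORDS):
        return "dwc3-endpoint-timeout-warn"
    return None


def find_events(lines: List[str], window: int = 6) -> List[Tuple[int, str]]:
    """Return (line index, event tag) for every WARN splat or panic that matches."""
    hits = []
    for i in range(len(lines)):
        tag = classify_at(lines, i, window)
        if tag:
            hits.append((i, tag))
    return hits


# Constructed sample log (not real kernel output): a DWC3 endpoint command
# timeout WARN that escalates to a panic, followed by an unrelated WARN.
SAMPLE_DMESG = [
    "[   41.102] usb 1-1: USB disconnect, device number 5",
    "[   41.120] ------------[ cut here ]------------",
    "[   41.121] WARNING: CPU: 2 PID: 88 at drivers/usb/dwc3/gadget.c:LINE dwc3_send_gadget_ep_cmd+0x1c0/0x2e0",
    "[   41.122] dwc3 11210000.usb: endpoint command timeout (constructed message)",
    "[   41.123] Modules linked in: dwc3_exynos dwc3 ulpi udc_core",
    "[   41.130] ---[ end trace 0000000000000000 ]---",
    "[   41.131] Kernel panic - not syncing: kernel: panic_on_warn set ...",
    "[   41.132] Call trace:",
    "[   41.133]  dwc3_send_gadget_ep_cmd+0x1c0/0x2e0",
    "[   41.134]  dwc3_gadget_ep_disable+0x60/0x120",
    "[   90.500] WARNING: CPU: 0 PID: 1 at net/core/dev.c:LINE __netif_receive_skb_core (constructed, unrelated)",
    "[   90.501] eth0: link up",
]

if __name__ == "__main__":
    for idx, tag in find_events(SAMPLE_DMESG):
        print(f"{tag:28s} line {idx}: {SAMPLE_DMESG[idx]}")
```

A "dwc3-endpoint-timeout-warn" hit without a following "dwc3-panic" means panic_on_warn is off on that host (the workaround is in place); a "dwc3-panic" hit is the crash the advisory describes and belongs in the same alert as the reboot that follows it. Substring matching on "warn" is deliberately loose so it also catches the `WARNING:` header; tighten the keywords if your platform's messages differ.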
🔗 References
- https://git.kernel.org/stable/c/45eae113dccaf8e502090ecf5b3d9e9b805add6f
- https://git.kernel.org/stable/c/5a1a847d841505dba2bd85602daf5c218e1d85b8
- https://git.kernel.org/stable/c/84c95dbf5bece56086cdb65a64162af35158bdd9
- https://git.kernel.org/stable/c/db27482b9db340402e05d4e9b75352bbaca51af2
- https://git.kernel.org/stable/c/dfe40159eec6ca63b40133bfa783eee2e3ed829f
- https://git.kernel.org/stable/c/f49697dfba2915a9ff36f94604eb76fa61413929
- https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html