VDB
DEBIAN-CVE-2025-38474
DEBIAN-CVE-2025-38474
PUBLISHED
CVSS 5.5 MEDIUM
In the Linux kernel, the following vulnerability has been resolved: usb: net: sierra: check for no status endpoint The driver checks for having three endpoints and having bulk in and out endpoints, but not that the third endpoint is interrupt input. Rectify the omission.
Risk Scores
CVSS 3.1
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:13 | linux | 0, 6.12.38-1, 0 |
| Debian:11 | linux-6.1 | 6.1.129-1, 6.1.128-1, 6.1.119-1 |
| Debian:14 | linux | 6.15.5-1~exp1, 6.15.6-1~exp1, 6.15~rc7-1~exp1 |
| Debian:11 | linux | 5.10.237-1, 5.10.158-1, 5.10.158-2 |
| Debian:12 | linux | 6.1.38-4, 6.1.38-2, 6.1.38-1 |
Timeline
- Jul 28, 2025 CVE Published
- Apr 28, 2026 CVE Updated