CVE-2025-38535 — Multiple Releases of Same Resource or Handle in Linux
Severity
7.8HIGHNVD
EPSS
0.0%
top 96.41%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedAug 16
Latest updateMar 25
Description
In the Linux kernel, the following vulnerability has been resolved:
phy: tegra: xusb: Fix unbalanced regulator disable in UTMI PHY mode
When transitioning from USB_ROLE_DEVICE to USB_ROLE_NONE, the code
assumed that the regulator should be disabled. However, if the regulator
is marked as always-on, regulator_is_enabled() continues to return true,
leading to an incorrect attempt to disable a regulator which is not
enabled.
This can result in warnings such as:
[ 250.155624] WARNING: CPU: 1 PID…
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9
Affected Packages3 packages
▶CVEListV5linux/linux49d46e3c7e597e8b00c6fc16e6fd7a92044f4371 — ceb645ac6ce052609ee5c8f819a80e8881789b04+7
Also affects: Debian Linux 11.0
Patches
🔴Vulnerability Details
3OSV▶
CVE-2025-38535: In the Linux kernel, the following vulnerability has been resolved: phy: tegra: xusb: Fix unbalanced regulator disable in UTMI PHY mode When transitio↗2025-08-16
GHSA▶
GHSA-gvwq-wr3v-v8jg: In the Linux kernel, the following vulnerability has been resolved:
phy: tegra: xusb: Fix unbalanced regulator disable in UTMI PHY mode
When transit↗2025-08-16