### [CVE-2025-38448](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-38448)
![](https://img.shields.io/static/v1?label=Product&message=Linux&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=3.5%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=35f95fd7f234d2b58803bab6f6ebd6bb988050a2%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=blue)

### Description

In the Linux kernel, the following vulnerability has been resolved:usb: gadget: u_serial: Fix race condition in TTY wakeupA race condition occurs when gs_start_io() calls either gs_start_rx() orgs_start_tx(), as those functions briefly drop the port_lock forusb_ep_queue(). This allows gs_close() and gserial_disconnect() to clearport.tty and port_usb, respectively.Use the null-safe TTY Port helper function to wake up TTY.Example  CPU1:			      CPU2:  gserial_connect() // lock  			      gs_close() // await lock  gs_start_rx()     // unlock  usb_ep_queue()  			      gs_close() // lock, reset port.tty and unlock  gs_start_rx()     // lock  tty_wakeup()      // NPE

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/w4zu/Debian_security