CVE - CVE-2025-21916

CVE-ID
CVE-2025-21916	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
In the Linux kernel, the following vulnerability has been resolved: usb: atm: cxacru: fix a flaw in existing endpoint checks Syzbot once again identified a flaw in usb endpoint checking, see [1]. This time the issue stems from a commit authored by me (2eabb655a968 ("usb: atm: cxacru: fix endpoint checking in cxacru_bind()")). While using usb_find_common_endpoints() may usually be enough to discard devices with wrong endpoints, in this case one needs more than just finding and identifying the sufficient number of endpoints of correct types - one needs to check the endpoint's address as well. Since cxacru_bind() fills URBs with CXACRU_EP_CMD address in mind, switch the endpoint verification approach to usb_check_XXX_endpoints() instead to fix incomplete ep testing. [1] Syzbot report: usb 5-1: BOGUS urb xfer, pipe 3 != type 1 WARNING: CPU: 0 PID: 1378 at drivers/usb/core/urb.c:504 usb_submit_urb+0xc4e/0x18c0 drivers/usb/core/urb.c:503 ... RIP: 0010:usb_submit_urb+0xc4e/0x18c0 drivers/usb/core/urb.c:503 ... Call Trace: <TASK> cxacru_cm+0x3c8/0xe50 drivers/usb/atm/cxacru.c:649 cxacru_card_status drivers/usb/atm/cxacru.c:760 [inline] cxacru_bind+0xcf9/0x1150 drivers/usb/atm/cxacru.c:1223 usbatm_usb_probe+0x314/0x1d30 drivers/usb/atm/usbatm.c:1058 cxacru_usb_probe+0x184/0x220 drivers/usb/atm/cxacru.c:1377 usb_probe_interface+0x641/0xbb0 drivers/usb/core/driver.c:396 really_probe+0x2b9/0xad0 drivers/base/dd.c:658 __driver_probe_device+0x1a2/0x390 drivers/base/dd.c:800 driver_probe_device+0x50/0x430 drivers/base/dd.c:830 ...
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:https://git.kernel.org/stable/c/197e78076c5ecd895f109158c4ea2954b9919af6 URL:https://git.kernel.org/stable/c/197e78076c5ecd895f109158c4ea2954b9919af6 MISC:https://git.kernel.org/stable/c/319529e0356bd904528c64647725a2272d297c83 URL:https://git.kernel.org/stable/c/319529e0356bd904528c64647725a2272d297c83 MISC:https://git.kernel.org/stable/c/903b80c21458bb1e34c3a78c5fdc553821e357f8 URL:https://git.kernel.org/stable/c/903b80c21458bb1e34c3a78c5fdc553821e357f8 MISC:https://git.kernel.org/stable/c/a0475a885d69849b1ade38add6d64338dfa83a8f URL:https://git.kernel.org/stable/c/a0475a885d69849b1ade38add6d64338dfa83a8f MISC:https://git.kernel.org/stable/c/bf4409f84023b52b5e9b36c0a071a121eee42138 URL:https://git.kernel.org/stable/c/bf4409f84023b52b5e9b36c0a071a121eee42138 MISC:https://git.kernel.org/stable/c/c90aad369899a607cfbc002bebeafd51e31900cd URL:https://git.kernel.org/stable/c/c90aad369899a607cfbc002bebeafd51e31900cd MISC:https://git.kernel.org/stable/c/cfc295f7cccf66cbd5123416bcf1bee2e1bd37de URL:https://git.kernel.org/stable/c/cfc295f7cccf66cbd5123416bcf1bee2e1bd37de MISC:https://git.kernel.org/stable/c/dcd592ab9dd8a2bfc36e75583b9006db2a77ec24 URL:https://git.kernel.org/stable/c/dcd592ab9dd8a2bfc36e75583b9006db2a77ec24
Assigning CNA
kernel.org
Date Record Created
20241229	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20241229)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)