Vulnerability DatabaseCVE-2025-38385

CVE-2025-38385:
Linux Kernel vulnerability analysis and mitigation

In the Linux kernel, the following vulnerability has been resolved:

net: usb: lan78xx: fix WARN in _netifnapidellocked on disconnect

Remove redundant netifnapidel() call from disconnect path.

A WARN may be triggered in _netifnapidellocked() during USB device disconnect:

WARNING: CPU: 0 PID: 11 at net/core/dev.c:7417 _netifnapidellocked+0x2b4/0x350

This happens because netifnapidel() is called in the disconnect path while NAPI is still enabled. However, it is not necessary to call netifnapidel() explicitly, since unregister_netdev() will handle NAPI teardown automatically and safely. Removing the redundant call avoids triggering the warning.

Full trace: lan78xx 1-1:1.0 enu1: Failed to read register index 0x000000c4. ret = -ENODEV lan78xx 1-1:1.0 enu1: Failed to set MAC down with error -ENODEV lan78xx 1-1:1.0 enu1: Link is Down lan78xx 1-1:1.0 enu1: Failed to read register index 0x00000120. ret = -ENODEV ------------[ cut here ]------------ WARNING: CPU: 0 PID: 11 at net/core/dev.c:7417 netifnapidellocked+0x2b4/0x350 Modules linked in: flexcan candev fuse CPU: 0 UID: 0 PID: 11 Comm: kworker/0:1 Not tainted 6.16.0-rc2-00624-ge926949dab03 #9 PREEMPT Hardware name: SKOV IMX8MP CPU revC - bd500 (DT) Workqueue: usbhubwq hub_event pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : netifnapidellocked+0x2b4/0x350 lr : _netifnapidellocked+0x7c/0x350 sp : ffffffc085b673c0 x29: ffffffc085b673c0 x28: ffffff800b7f2000 x27: ffffff800b7f20d8 x26: ffffff80110bcf58 x25: ffffff80110bd978 x24: 1ffffff0022179eb x23: ffffff80110bc000 x22: ffffff800b7f5000 x21: ffffff80110bc000 x20: ffffff80110bcf38 x19: ffffff80110bcf28 x18: dfffffc000000000 x17: ffffffc081578940 x16: ffffffc08284cee0 x15: 0000000000000028 x14: 0000000000000006 x13: 0000000000040000 x12: ffffffb0022179e8 x11: 1ffffff0022179e7 x10: ffffffb0022179e7 x9 : dfffffc000000000 x8 : 0000004ffdde8619 x7 : ffffff80110bcf3f x6 : 0000000000000001 x5 : ffffff80110bcf38 x4 : ffffff80110bcf38 x3 : 0000000000000000 x2 : 0000000000000000 x1 : 1ffffff0022179e7 x0 : 0000000000000000 Call trace: _netifnapidellocked+0x2b4/0x350 (P) lan78xxdisconnect+0xf4/0x360 usbunbindinterface+0x158/0x718 deviceremove+0x100/0x150 devicereleasedriverinternal+0x308/0x478 devicereleasedriver+0x1c/0x30 busremovedevice+0x1a8/0x368 devicedel+0x2e0/0x7b0 usbdisabledevice+0x244/0x540 usbdisconnect+0x220/0x758 hubevent+0x105c/0x35e0 processonework+0x760/0x17b0 workerthread+0x768/0xce8 kthread+0x3bc/0x690 retfromfork+0x10/0x20 irq event stamp: 211604 hardirqs last enabled at (211603): [] rawspinunlockirqrestore+0x84/0x98 hardirqs last disabled at (211604): [] el1dbg+0x24/0x80 softirqs last enabled at (211296): [] handlesoftirqs+0x820/0xbc8 softirqs last disabled at (210993): [] _dosoftirq+0x18/0x20 ---[ end trace 0000000000000000 ]--- lan78xx 1-1:1.0 enu1: failed to kill vid 0081/0

Source: NVD

View vulnerable instances

Not a Wiz customer? See which CVEs are exploitable in your environment.

Get a CVE Assessment

5.1

Score

Published July 25, 2025

Severity MEDIUM

CNA Score N/A

Affected Technologies

Linux Kernel
CBL Mariner

Has Public Exploit No

Has CISA KEV Exploit No

CISA KEV Release Date N/A

CISA KEV Due Date N/A

Exploitation Probability Percentile (EPSS) 14.6

Exploitation Probability (EPSS) N/A

Affected packages and libraries

kernel-zfcpdump-modules-internal
linux-oracle-6.8

Sources

NVD
CBL-Mariner
- CBL-Mariner 3.0 Severity MEDIUMHas FixAdded at: Oct 03, 2025
Debian Security Tracker
- Debian 11 Has FixAdded at: Oct 14, 2025
- Debian 12, 13 Has FixAdded at: Jul 29, 2025
- Debian 14 Has FixAdded at: Aug 10, 2025
Echo
- Echo Has FixAdded at: Nov 18, 2025
Photon Security Advisory
- Photon 5.0 Severity LOWHas FixAdded at: Aug 21, 2025
Red Hat Errata
- Red Hat 9 Severity LOWNo FixAdded at: Jul 29, 2025
- Red Hat 10 Severity LOWNo FixAdded at: Aug 12, 2025
Ubuntu Security Tracker
- Ubuntu 16.04, 18.04, 20.04 Severity MEDIUMNo FixAdded at: Jul 29, 2025
- Ubuntu 22.04 Severity MEDIUMNo FixAdded at: Jul 31, 2025
- Ubuntu 24.04, 25.04 Severity MEDIUMHas FixAdded at: Jul 31, 2025

Get a CVE risk assessment

Get a prioritized view of CVEs in your cloud—so you can focus on what's exploitable, not just what's listed.

Request assessment

Related Linux Kernel vulnerabilities:

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2025-40343	MEDIUM	6.4	Linux Kernel	linux-iot	No	Yes	Dec 09, 2025
CVE-2025-40342	MEDIUM	6.4	Linux Kernel	kernel-rt-devel-matched	No	Yes	Dec 09, 2025
CVE-2025-40340	MEDIUM	6.4	Linux Kernel	linux-hwe	No	Yes	Dec 09, 2025
CVE-2025-40341	MEDIUM	5.1	Linux Kernel	kernel-zfcpdump-core	No	Yes	Dec 09, 2025
CVE-2025-40344	N/A	N/A	Linux Kernel	libperf-devel	No	Yes	Dec 09, 2025

Free Vulnerability Assessment

Benchmark your Cloud Security Posture

Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.

Request assessment

Additional Wiz resources

Cloud Vulnerability DB

A community-led vulnerabilities database

Cloud Threat Landscape

A threat intelligence database

PEACH

A tenant isolation framework

Get a personalized demo

Ready to see Wiz in action?

"Best User Experience I have ever seen, provides full visibility to cloud workloads."

David EstlickCISO

"Wiz provides a single pane of glass to see what is going on in our cloud environments."

Adam FletcherChief Security Officer

"We know that if Wiz identifies something as critical, it actually is."

Greg PoniatowskiHead of Threat and Vulnerability Management

Get a demo

CVE-2025-38385: Linux Kernel vulnerability analysis and mitigation