CVE-2025-38416: 
Linux Kernel vulnerability analysis and mitigation

CVE-2025-38416 is a vulnerability discovered in the Linux kernel's NFC subsystem, specifically in the NCI UART driver component. The vulnerability was disclosed on July 25, 2025, affecting the tty->disc_data handling in the NCI UART driver (NVD).

The vulnerability involves improper handling of tty->discdata in the NCI UART driver. The issue occurs because tty->discdata is set before opening the NCI device, creating a potential security risk during device initialization. This implementation could lead to problems if the device starts sending data before the NCIUARTSETDRIVER IOCTL succeeds, particularly in cases of broken hardware (RedHat). The vulnerability has been assigned a CVSS v3.1 base score of 5.5 (Moderate) with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (RedHat).

The vulnerability could potentially lead to system instability or denial of service conditions in systems utilizing the NFC NCI UART driver. The CVSS scoring indicates that while the vulnerability requires local access and low privileges, it could result in high availability impact to the affected system (RedHat).

The vulnerability has been patched by modifying the code to only expose tty->discdata on the success path, when opening of the NCI device and trymodule_get() succeeds. This change ensures proper cleanup on error paths and closes the potential security window (NVD).