CVE-2025-37881 – Aspeed USB Gadget NULL Pointer Dereference

May 9, 2025

CVE ID : CVE-2025-37881

Published : May 9, 2025, 7:16 a.m. | 4 hours, 51 minutes ago

Description : In the Linux kernel, the following vulnerability has been resolved:

usb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev()

The variable d->name, returned by devm_kasprintf(), could be NULL.
A pointer check is added to prevent potential NULL pointer dereference.
This is similar to the fix in commit 3027e7b15b02
(“ice: Fix some null pointer dereference issues in ice_ptp.c”).

This issue is found by our static analysis tool

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-37882 – Linux Kernel USB xHCI Isochronous Ring Handling Vulnerability

Next Article CVE-2025-37876 – Linux NetFS NULL Pointer Dereference Vulnerability

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

Your password manager is under attack, and this new threat makes it worse: How to defend yourself

EcoFlow’s new backyard solar energy system starts at $599 – no installation crews or permits needed

Why Sonos’ cheapest smart speaker is one of my favorites – even a year after its release

7 productivity gadgets I can’t live without (and why they make such a big difference)

Tap into Your PHP Potential with Free Projects at PHPGurukul

Tap into Your PHP Potential with Free Projects at PHPGurukul

Preparing for AI? Here’s How PIM Gets Your Data in Shape

A Closer Look at the AI Assistant of Oracle Analytics

kew v3.2.0 improves internet radio support and more

kew v3.2.0 improves internet radio support and more

GNOME Replace Totem Video Player with Showtime

Placemark is a web-based tool for geospatial data

CVE-2025-37881 – Aspeed USB Gadget NULL Pointer Dereference

Nmap 7.96 Launches with Lightning-Fast DNS and 612 Scripts

CVE-2025-4487 – iSourcecode Gym Management System SQL Injection Vulnerability

Discover expert Polycom Poly conference room system setup in India. Partner with trusted integrators for seamless video conferencing solutions.

Automate database object deployments in Amazon Aurora using AWS CodePipeline

Atomfall: How to open District B, get inside the Robot Facility, and grab the Signal Redirector

A leaked document suggests OpenAI will hit AGI when it builds an AI system that can generate up to $100 billion in profit — but the ChatGPT maker could endure a massive $44 billion loss before seeing profit in 2029 partly due to Microsoft tie-up

j-DataGrid – Total.js UI component part 2

Too Many Red Flags

CVE-2025-44192 – SourceCodester Simple Barangay Management System SQL Injection Vulnerability

Forget the iPad: This is a great tablet for kids, and it’s on sale ahead of Prime Day

CVE-2025-37881 – Aspeed USB Gadget NULL Pointer Dereference

Related Posts