{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2025-37990","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2025-04-16T04:51:23.976Z","datePublished":"2025-05-20T17:18:45.366Z","dateUpdated":"2026-05-11T21:19:10.658Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T21:19:10.658Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcm80211: fmac: Add error handling for brcmf_usb_dl_writeimage()\n\nThe function brcmf_usb_dl_writeimage() calls the function\nbrcmf_usb_dl_cmd() but dose not check its return value. The\n'state.state' and the 'state.bytes' are uninitialized if the\nfunction brcmf_usb_dl_cmd() fails. It is dangerous to use\nuninitialized variables in the conditions.\n\nAdd error handling for brcmf_usb_dl_cmd() to jump to error\nhandling path if the brcmf_usb_dl_cmd() fails and the\n'state.state' and the 'state.bytes' are uninitialized.\n\nImprove the error message to report more detailed error\ninformation."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/net/wireless/broadcom/brcm80211/brcmfmac/usb.c"],"versions":[{"version":"71bb244ba2fd5390eefe4ee9054abdb3f8b05922","lessThan":"972bf75e53f778c78039c5d139dd47443a6d66a1","status":"affected","versionType":"git"},{"version":"71bb244ba2fd5390eefe4ee9054abdb3f8b05922","lessThan":"62a4f2955d9a1745bdb410bf83fb16666d8865d6","status":"affected","versionType":"git"},{"version":"71bb244ba2fd5390eefe4ee9054abdb3f8b05922","lessThan":"508be7c001437bacad7b9a43f08a723887bcd1ea","status":"affected","versionType":"git"},{"version":"71bb244ba2fd5390eefe4ee9054abdb3f8b05922","lessThan":"524b70441baba453b193c418e3142bd31059cc1f","status":"affected","versionType":"git"},{"version":"71bb244ba2fd5390eefe4ee9054abdb3f8b05922","lessThan":"08424a0922fb9e32a19b09d852ee87fb6c497538","status":"affected","versionType":"git"},{"version":"71bb244ba2fd5390eefe4ee9054abdb3f8b05922","lessThan":"bdb435ef9815b1ae28eefffa01c6959d0fcf1fa7","status":"affected","versionType":"git"},{"version":"71bb244ba2fd5390eefe4ee9054abdb3f8b05922","lessThan":"fa9b9f02212574ee1867fbefb0a675362a71b31d","status":"affected","versionType":"git"},{"version":"71bb244ba2fd5390eefe4ee9054abdb3f8b05922","lessThan":"8e089e7b585d95122c8122d732d1d5ef8f879396","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/net/wireless/broadcom/brcm80211/brcmfmac/usb.c"],"versions":[{"version":"3.4","status":"affected"},{"version":"0","lessThan":"3.4","status":"unaffected","versionType":"semver"},{"version":"5.4.294","lessThanOrEqual":"5.4.*","status":"unaffected","versionType":"semver"},{"version":"5.10.238","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.182","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.138","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.6.90","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.12.28","lessThanOrEqual":"6.12.*","status":"unaffected","versionType":"semver"},{"version":"6.14.6","lessThanOrEqual":"6.14.*","status":"unaffected","versionType":"semver"},{"version":"6.15","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.4","versionEndExcluding":"5.4.294"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.4","versionEndExcluding":"5.10.238"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.4","versionEndExcluding":"5.15.182"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.4","versionEndExcluding":"6.1.138"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.4","versionEndExcluding":"6.6.90"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.4","versionEndExcluding":"6.12.28"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.4","versionEndExcluding":"6.14.6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.4","versionEndExcluding":"6.15"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/972bf75e53f778c78039c5d139dd47443a6d66a1"},{"url":"https://git.kernel.org/stable/c/62a4f2955d9a1745bdb410bf83fb16666d8865d6"},{"url":"https://git.kernel.org/stable/c/508be7c001437bacad7b9a43f08a723887bcd1ea"},{"url":"https://git.kernel.org/stable/c/524b70441baba453b193c418e3142bd31059cc1f"},{"url":"https://git.kernel.org/stable/c/08424a0922fb9e32a19b09d852ee87fb6c497538"},{"url":"https://git.kernel.org/stable/c/bdb435ef9815b1ae28eefffa01c6959d0fcf1fa7"},{"url":"https://git.kernel.org/stable/c/fa9b9f02212574ee1867fbefb0a675362a71b31d"},{"url":"https://git.kernel.org/stable/c/8e089e7b585d95122c8122d732d1d5ef8f879396"}],"title":"wifi: brcm80211: fmac: Add error handling for brcmf_usb_dl_writeimage()","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"title":"CVE Program Container","references":[{"url":"https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"},{"url":"https://lists.debian.org/debian-lts-announce/2025/08/msg00010.html"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2025-11-03T19:58:03.822Z"}}]}}