cve 2025 38348

About this tag
The tag CVE-2025-38348 covers discussions about a Linux kernel buffer overflow vulnerability in the p54 wireless driver, specifically in the function p54_rx_eeprom_readback(). The vulnerability can be triggered by a malicious USB device posing as an Intersil p54 Wi-Fi interface. Microsoft's MSRC entry confirms that Azure Linux includes the affected open-source component and is potentially vulnerable. The tag content focuses on the technical details of the flaw, its impact on Azure Linux, and the broader implications for Microsoft products that may incorporate the same vulnerable code.
  1. CVE-2025-38348: Linux p54 USB Buffer Overflow and Azure Linux Attestation

    The Linux kernel vulnerability tracked as CVE-2025-38348 is a small but meaningful buffer‑overflow in the p54 wireless driver (function p54_rx_eeprom_readback()) that can be triggered by a malicious USB device posing as an Intersil p54 Wi‑Fi interface — and while Microsoft’s MSRC entry...