You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve 2025 38448
About this tag
CVE-2025-38448 is a kernel race condition in the USB gadget serial function (u_serial) that can lead to a NULL-pointer dereference. Discussions on WindowsForum.com focus on Microsoft's Azure Linux attestation for this vulnerability, noting that while Azure Linux images have been inventory-checked and are potentially affected, the attestation does not guarantee that no other Microsoft products contain the same vulnerable kernel code. The tag covers coverage and gaps in Microsoft's response, the technical nature of the flaw, and implications for enterprise Linux deployments on Azure.
Microsoft’s short public notice that “Azure Linux includes this open‑source library and is therefore potentially affected” is accurate for the Azure Linux images that Microsoft has inventory‑checked — but it is not a technical guarantee that no other Microsoft product contains the same...