CVE-2025-38671

{"id": "CVE-2025-38671", "cveTags": [], "metrics": {}, "published": "2025-08-22T16:15:42.683", "references": [{"url": "https://git.kernel.org/stable/c/0d33913fce67a93c1eb83396c3c9d6b411dcab33", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/42c4471b30fa203249f476dd42321cd7efb7f6a8", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/89459f168b78e5c801dc8b7ad037b62898bc4f57", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/a7982a14b3012527a9583d12525cd0dc9f8d8934", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/c523bfba46c4b4d7676fb050909533a766698ecd", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Awaiting Analysis", "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: qup: jump out of the loop in case of timeout\n\nOriginal logic only sets the return value but doesn't jump out of the\nloop if the bus is kept active by a client. This is not expected. A\nmalicious or buggy i2c client can hang the kernel in this case and\nshould be avoided. This is observed during a long time test with a\nPCA953x GPIO extender.\n\nFix it by changing the logic to not only sets the return value, but also\njumps out of the loop and return to the caller with -ETIMEDOUT."}], "lastModified": "2025-08-22T18:08:51.663", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}