CVE-2025-38535

phy: tegra: xusb: Fix unbalanced regulator disable in UTMI PHY mode

Description

In the Linux kernel, the following vulnerability has been resolved: phy: tegra: xusb: Fix unbalanced regulator disable in UTMI PHY mode When transitioning from USB_ROLE_DEVICE to USB_ROLE_NONE, the code assumed that the regulator should be disabled. However, if the regulator is marked as always-on, regulator_is_enabled() continues to return true, leading to an incorrect attempt to disable a regulator which is not enabled. This can result in warnings such as: [ 250.155624] WARNING: CPU: 1 PID: 7326 at drivers/regulator/core.c:3004 _regulator_disable+0xe4/0x1a0 [ 250.155652] unbalanced disables for VIN_SYS_5V0 To fix this, we move the regulator control logic into tegra186_xusb_padctl_id_override() function since it's directly related to the ID override state. The regulator is now only disabled when the role transitions from USB_ROLE_HOST to USB_ROLE_NONE, by checking the VBUS_ID register. This ensures that regulator enable/disable operations are properly balanced and only occur when actually transitioning to/from host mode.

N/A
CVSS
Severity:
EPSS 0.02%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/ceb645ac6ce052609ee5c8f819a80e8881789b04
https://git.kernel.org/stable/c/cdcb0ffd6448f6be898956913a42bd08e59fb2ae
https://git.kernel.org/stable/c/1bb85b5c2bd43b687c3d54eb6328917f90dd38fc
https://git.kernel.org/stable/c/5367cdeb75cb6c687ca468450bceb2602ab239d8
https://git.kernel.org/stable/c/ec7f98ff05f0649af0adeb4808c7ba23d6111ef9
https://git.kernel.org/stable/c/eaa420339658615d26c1cc95cd6cf720b9aebfca
https://git.kernel.org/stable/c/cefc1caee9dd06c69e2d807edc5949b329f52b22

Frequently Asked Questions

What is the severity of CVE-2025-38535?
CVE-2025-38535 has not yet been assigned a CVSS score.
How to fix CVE-2025-38535?
To fix CVE-2025-38535, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2025-38535 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2025-38535 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2025-38535?
CVE-2025-38535 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.